xp_cmdshell reverse shell

🔝 How to get a xp_cmdshell reverse shell

In a pentesting engagement, if you got the credentials of the MS SQL SERVER you can easily execute any command on the database server with nmap NSE script, ms-sql-xp-cmdshell: You have to substitute the following parameters of the above command: mssql.username mssql.password ms-sql-xp-cmdshell.cmd If you want to execute a reverse shell to connect back to…
Read more