MSSQL command
Execute MSSQL commands
nxc mssql <TARGET> -u <USERNAME> -p 'm$$ql_S@_P@ssW0rd!' --local-auth -q 'SELECT name FROM master.dbo.sysdatabases;'
Expected Results:
MSSQL 10.10.10.52 1433 None [+] admin:m$$ql_S@_P@ssW0rd! (Pwn3d!)
MSSQL 10.10.10.52 1433 None name
MSSQL 10.10.10.52 1433 None --------------------------------------------------------------------------------------------------------------------------------
MSSQL 10.10.10.52 1433 None master
MSSQL 10.10.10.52 1433 None tempdb
MSSQL 10.10.10.52 1433 None model
MSSQL 10.10.10.52 1433 None msdb
MSSQL 10.10.10.52 1433 None orcharddb
Info
When playing with MSSQL, you can use the tool MSDAT from quentinhardy
Example
Mantis machine is a good example to test MSSQL procotol with NetExec