Microsoft SQL Server Clr Stored Procedure Payload Execution

Posted by deepcore on February 19, 2017 – 8:13 pm

This Metasploit module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This method requires the user to have sufficient privileges to install a custom SQL CRL DLL, and invoke the custom stored procedure that comes with it. This exploit does not leave any binaries on disk. Tested on MS SQL Server versions: 2005, 2012, 2016 (all x64).

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Plone 5.0.5 Cross Site Scripting Elefant CMS 1.3.12-RC Cross Site Request Forgery »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Microsoft SQL Server Clr Stored Procedure Payload Execution

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL