Thread: [sqlmap-users] Is xp_cmdshell actived? Why it isn't working?
From: Rodrigo Z. S. <rod...@gm...> - 2014-12-07 17:19:33
Hi. I am doing a pen test in the Microsoft SQL Server 2008 R2 and I can see that the xp_cmdshell is active.

In the table *master.sys.configurations*, the column *value_in_use* shows it is 1, so it is active!! But every command that I tried to use didn't result in any value. I just tried the most obvious:

DECLARE @result int; EXEC @result = xp_cmdshell 'echo a'; IF (@result = 0) WAITFOR DELAY '00:01:00' ELSE WAITFOR DELAY '00:00:05'

But it just waits 5 seconds. Any idea why this happens?

From: Miroslav S. <mir...@gm...> - 2014-12-07 19:25:33
No execution rights?

Bye

From: Rodrigo Z. S. <rod...@gm...> - 2014-12-07 19:31:27
You don't need just to have it activated? You say I can't run the EXEC? Any other way to avoid it?

Is there anything I can do? Hmm. It comes to mind to impersonate another user and pray they can do this.

From: Miroslav S. <mir...@gm...> - 2014-12-07 19:32:55
You have to redirect output to an output file and read it afterwards. xp_cmdshell by itself doesn't return anything other than the return code.

Bye

From: Rodrigo Z. S. <rod...@gm...> - 2014-12-07 19:54:30
Yeah... but... does what I did make sense? I tested, and for any value it only delays for the else value.

I can't read any file until now. Everything I did failed.

Is there another way to check if the xp_cmdshell is really working? I am out of ideas now.

From: Brandon P. <bpe...@gm...> - 2014-12-07 20:12:34
Open up a netcat listener and make xp_cmdshell telnet into it as a test.

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
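
An added example, not part of the original thread: a T-SQL audit an administrator can run to see the two separate controls the thread touches on, the server-wide *value_in_use* switch from the first message and the execution rights raised in the first reply. The proxy credential check and the hardening lines are additions based on SQL Server's documented behaviour, not something the posters mention.

```sql
-- Added example: audit what controls use of xp_cmdshell on an instance.
-- Run in master with a login that can view server-level metadata.
USE master;

-- 1. Server-wide switch (the value inspected in the first message).
--    value_in_use = 1 only means the procedure is enabled for the instance.
SELECT name, value, value_in_use
FROM sys.configurations
WHERE name = N'xp_cmdshell';

-- 2. Rights of the current login. Members of sysadmin can always execute it;
--    any other login needs an explicit EXECUTE grant on the procedure.
SELECT SUSER_SNAME()                AS login_name,
       IS_SRVROLEMEMBER('sysadmin') AS is_sysadmin,
       HAS_PERMS_BY_NAME('sys.xp_cmdshell', 'OBJECT', 'EXECUTE') AS has_execute;

-- 3. Non-sysadmin callers run commands under the proxy credential.
--    If this returns no row, their calls fail even with EXECUTE granted.
SELECT name, credential_identity, modify_date
FROM sys.credentials
WHERE name = N'##xp_cmdshell_proxy_account##';

-- 4. Principals in master holding an explicit permission on xp_cmdshell.
--    Every row here is an account to justify or revoke.
SELECT pr.name AS grantee,
       pr.type_desc,
       pe.permission_name,
       pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.class = 1                                -- object or column
  AND pe.major_id = OBJECT_ID(N'sys.xp_cmdshell');

-- 5. Hardening: switch the feature off when nothing legitimate depends on it.
--    Left commented out so the audit itself changes nothing.
-- EXEC sp_configure 'show advanced options', 1; RECONFIGURE;
-- EXEC sp_configure 'xp_cmdshell', 0; RECONFIGURE;
```

A row with value_in_use = 1 in step 1 combined with is_sysadmin = 0 and has_execute = 0 in step 2 describes an instance where the feature is enabled but the current login cannot call it.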