😈 [ podalirius_, Podalirius ]
Today with my friend @_Worty we're releasing a technique to coerce an NTLM authentication on #Windows #SQL #Server as the machine account (in most cases). 🥳
A step by step demonstration is here: https://t.co/woCDA1M0Zr
🔗 https://github.com/p0dalirius/MSSQL-Analysis-Coerce
🐥 [ tweet ]
Today with my friend @_Worty we're releasing a technique to coerce an NTLM authentication on #Windows #SQL #Server as the machine account (in most cases). 🥳
A step by step demonstration is here: https://t.co/woCDA1M0Zr
🔗 https://github.com/p0dalirius/MSSQL-Analysis-Coerce
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ Arris Huijgen @bitsadmin ]
#LOFLCAB highlight: Ssms.exe
Using SQL Server Management Studio with Kerberos authentication to obtain command execution on the SQL server using the xp_cmdshell stored procedure.
Details:
🔗 https://lofl-project.github.io/loflcab/Binaries/Ssms/
Full quality video:
🔗 https://blog.bitsadmin.com/living-off-the-foreign-land-windows-as-offensive-platform-part-3#sql-server
🐥 [ tweet ][ quote ]
#LOFLCAB highlight: Ssms.exe
Using SQL Server Management Studio with Kerberos authentication to obtain command execution on the SQL server using the xp_cmdshell stored procedure.
Details:
🔗 https://lofl-project.github.io/loflcab/Binaries/Ssms/
Full quality video:
🔗 https://blog.bitsadmin.com/living-off-the-foreign-land-windows-as-offensive-platform-part-3#sql-server
🐥 [ tweet ][ quote ]
🔥3