MSSQL command

Execute MSSQL command using CrackMapExec

Execute MSSQL command

cme mssql 10.10.10.52 -u admin -p '[email protected][email protected]!' --local-auth -q 'SELECT name FROM master.dbo.sysdatabases;'

Expected Results:

MSSQL 10.10.10.52 1433 None [+] admin:[email protected][email protected]! (Pwn3d!)
MSSQL 10.10.10.52 1433 None name
MSSQL 10.10.10.52 1433 None --------------------------------------------------------------------------------------------------------------------------------
MSSQL 10.10.10.52 1433 None master
MSSQL 10.10.10.52 1433 None tempdb
MSSQL 10.10.10.52 1433 None model
MSSQL 10.10.10.52 1433 None msdb
MSSQL 10.10.10.52 1433 None orcharddb

When playing with MSSQL, you can use the tool MSDAT from quentinhardy

Example

Mantis machine is a good example to test MSSQL procotol with CrackMapExec