Videos
Published on June 17th, 2013 📆 | 5354 Views ⚑
0MS-SQL Injection 2 Meterpreter Shell (w Credentials)
Powered by iSpeech
A quick demonstration of how you can abuse MS-SQL direct access with credentials to deliver payloads and command execution using xp_cmdshell. In this case we use MSF to deliver meterpreter payload for easy system shell against the book app being used in the CTF i was trying to participate in. I will show how to do it purely through sql injection in the next one (w/o credentials). Hope you enjoy the show!
PS - sorry if quality is less than usual, idk whats going on....
2013-06-17 20:04:38
source
Gloss