nxc-mssql

tests Microsoft SQL Server credentials and executes queries

TLDR

Test MSSQL credentials

$ nxc mssql [192.168.1.100] -u [user] -p [password]

Execute query

$ nxc mssql [target] -u [sa] -p [password] -q "[SELECT @@version]"

Enable xp_cmdshell

$ nxc mssql [target] -u [sa] -p [password] -M mssql_priv

Execute OS command

$ nxc mssql [target] -u [sa] -p [password] -x [whoami]

SYNOPSIS

nxc mssql target [options]

DESCRIPTION

nxc mssql tests Microsoft SQL Server credentials and executes queries. Part of NetExec security testing framework. Supports privilege escalation and command execution.

PARAMETERS

-u user

Username.

-p pass

Password.

-q query

Execute SQL query.

-x cmd

Execute OS command via xp_cmdshell.

--port port

MSSQL port.

-M module

Run module.

CAVEATS

For authorized security assessments only. Requires proper authorization.