A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Beyond xp_cmdshell: Owning the Empire through SQL Server - Alexander Leary & Scott Sutherland Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Beyond xp_cmdshell: Owning the Empire through SQL Server
Alexander Leary & Scott Sutherland
Derbycon 2017

During this presentation, well cover interesting techniques for executing operating system commands through SQL Server that can be used to avoid detection and maintain persistence during red team engagements. Well also talk about automating attacks through PowerShell Empire and PowerUpSQL. This will include a review of command execution through custom extended stored procedures, CLR assemblies, WMI providers, R scripts, python scripts, agent jobs, and custom ole objects. Well also dig into some new integrations with PowerShell Empire. All code and slide decks will be released during the presentation. This should be interesting to blue teamers looking for a faster way to test their detective control capabilities and red teamers looking for a practical way to avoid detection while trying to maintain access to their target environments.

Alexander Leary and Scott Sutherland conduct penetration testing, red team, and purple team engagements through NetSPI. Scott is the author of PowerUpSQL and Alexander has contributed code to PowerUPSQL and PowerShell Empire.

@0xbadjuju, @_nullbind

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast