Home page logo

pen-test logo Penetration Testing mailing list archives

Re: custom xp_cmdshell on SQL Server
From: "Zed Qyves" <zqyves.spamtrap () gmail com>
Date: Thu, 14 Sep 2006 10:28:14 +0300

I would recommend against it...

Why don't you reload it (That is if someone hasn't revoked O/S user
privileges on the DLL)?

From the help file:

sp_addextendedproc [ () functname =] 'procedure',
   [ () dllname =] 'dll'

[ () functname =] 'procedure'
Is the name of the function to call within the dynamic-link library
(DLL). procedure is nvarchar(517), with no default. procedure
optionally can include the owner name in the form owner.function.
[ () dllname =] 'dll'
Is the name of the DLL containing the function. dll is varchar(255),
with no default.


exec master.sp_addextendedproc @functname='xp_cmdshell',  @dllname

Check the DLL name I am not sure if this (xpstar70.dll) is the correct
one, its been a while since I got my hands dirty :)


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]