Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Add new MS SQL Code Execution module #7942
The new module requires SQL credentials for a user with sufficient privileges to:
The module does all of the above, as required. It uploads a .NET Assembly (pre-built, and stored in the
This module was tested on SQL 2005, 2012 and 2016 (all x64 versions). I haven't tested on x86 yet. there is code in the module that makes sure that the target architecture matches the payload that was chosen.
This code also includes command-line builds for the assembly that is used to provide the code execution function, and can be built in the same way that all the other exploits are built (from a Visual studio command line).
MS SQL 2005:
MS SQL 2016
Thanks again to Lee and Nathan for their work.
The MSSQL Code Execution module has been added. It can execute an arbitrary native payload on a Microsoft SQL server. It works by loading a custom SQL CLR Assembly into the target SQL installation. The module requires working credentials in order to connect directly to the MSSQL Server. This exploit does not leave any binaries on disk. It was tested on MSSQL Server versions: 2005, 2012, 2016 (all x64).