Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Tw1sm/SQL-BOF
Library of BOFs to interact with SQL servers
https://github.com/Tw1sm/SQL-BOF
bof sql
Last synced: about 2 months ago
JSON representation
Library of BOFs to interact with SQL servers
- Host: GitHub
- URL: https://github.com/Tw1sm/SQL-BOF
- Owner: Tw1sm
- License: gpl-2.0
- Created: 2024-01-26T20:42:23.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-05-24T17:53:25.000Z (7 months ago)
- Last Synced: 2024-08-02T15:06:31.853Z (5 months ago)
- Topics: bof, sql
- Language: C
- Homepage:
- Size: 535 KB
- Stars: 125
- Watchers: 2
- Forks: 19
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# SQL-BOF
A library of beacon object files to interact with remote SQL servers and data. This collection is templated off the TrustedSec [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF) collection and models the functionality of the [SQLRecon](https://github.com/skahwah/SQLRecon) project.## Usage
Load the aggressor script located at `SQL/SQL.cna`.⚠️ Use x64 BOFs only, issue with x86 BOFs tracked [here](https://github.com/Tw1sm/SQL-BOF/issues/1) ⚠️
## Available commands
|Commands|Usage|Notes|
|--------|-----|-----|
|sql-adsi|[server] [ADSI_linkedserver] [opt: port] [opt: database] [opt: linkedserver] [opt: impersonate] |Obtain ADSI creds from ADSI linked server |
|sql-agentcmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command using agent jobs |
|sql-agentstatus |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate SQL agent status and jobs |
|sql-checkrpc |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate RPC status of linked servers |
|sql-clr |[server] [dll_path] [function] [opt: database] [opt: linkedserver] [opt: impersonate] |Load and execute .NET assembly in a stored procedure |
|sql-columns |[server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate columns within a table |
|sql-databases |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate databases on a server|
|sql-disableclr |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable CLR integration |
|sql-disableole |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable OLE Automation Procedures |
|sql-disablerpc |[server] [linkedserver] [opt: database] [opt: impersonate] |Disable RPC and RPC out on a linked server |
|sql-disablexp |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable xp_cmdshell |
|sql-enableclr |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable CLR integration |
|sql-enableole |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable OLE Automation Procedures |
|sql-enablerpc |[server] [linkedserver] [opt: database] [opt: impersonate] |Enable RPC and RPC out on a linked server |
|sql-enablexp |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable xp_cmdshell |
|sql-impersonate |[server] [opt: database] |Enumerate users that can be impersonated |
|sql-info |[server] [opt: database] |Gather information about the SQL server |
|sql-links |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate linked servers |
|sql-olecmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command using OLE automation procedures |
|sql-query |[server] [query] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a custom SQL query |
|sql-rows |[server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] |Get the count of rows in a table |
|sql-search |[server] [search] [opt: database] [opt: linkedserver] [opt: impersonate] |Search a table for a column name |
|sql-smb |[server] [\\\\listener] [opt: database] [opt: linkedserver] [opt: impersonate] |Coerce NetNTLM auth via xp_dirtree |
|sql-tables |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate tables within a database |
|sql-users |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate users with database access |
|sql-whoami |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Gather logged in user, mapped user and roles |
|sql-xpcmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command via xp_cmdshell |## References
- [SQLRecon](https://github.com/skahwah/SQLRecon) by [@sanjivkawa](https://twitter.com/sanjivkawa)
- [PySQLRecon](https://github.com/Tw1sm/PySQLRecon)
- [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF)