Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Tw1sm/SQL-BOF

Library of BOFs to interact with SQL servers
https://github.com/Tw1sm/SQL-BOF

bof sql

Last synced: 5 days ago
JSON representation

Library of BOFs to interact with SQL servers

Host: GitHub
URL: https://github.com/Tw1sm/SQL-BOF
Owner: Tw1sm
License: gpl-2.0
Created: 2024-01-26T20:42:23.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-05-24T17:53:25.000Z (6 months ago)
Last Synced: 2024-08-02T15:06:31.853Z (3 months ago)
Topics: bof, sql
Language: C
Homepage:
Size: 535 KB
Stars: 125
Watchers: 2
Forks: 19
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # SQL-BOF

A library of beacon object files to interact with remote SQL servers and data. This collection is templated off the TrustedSec [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF) collection and models the functionality of the [SQLRecon](https://github.com/skahwah/SQLRecon) project.

## Usage

Load the aggressor script located at `SQL/SQL.cna`. 

⚠️ Use x64 BOFs only, issue with x86 BOFs tracked [here](https://github.com/Tw1sm/SQL-BOF/issues/1) ⚠️

## Available commands

|Commands|Usage|Notes|

|--------|-----|-----|

|sql-adsi|[server] [ADSI_linkedserver] [opt: port] [opt: database] [opt: linkedserver] [opt: impersonate] |Obtain ADSI creds from ADSI linked server |

|sql-agentcmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command using agent jobs |

|sql-agentstatus |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate SQL agent status and jobs |

|sql-checkrpc |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate RPC status of linked servers |

|sql-clr |[server] [dll_path] [function] [opt: database] [opt: linkedserver] [opt: impersonate] |Load and execute .NET assembly in a stored procedure |

|sql-columns |[server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate columns within a table |

|sql-databases |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate databases on a server|

|sql-disableclr |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable CLR integration |

|sql-disableole |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable OLE Automation Procedures |

|sql-disablerpc |[server] [linkedserver] [opt: database] [opt: impersonate] |Disable RPC and RPC out on a linked server |

|sql-disablexp |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Disable xp_cmdshell |

|sql-enableclr |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable CLR integration |

|sql-enableole |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable OLE Automation Procedures |

|sql-enablerpc |[server] [linkedserver] [opt: database] [opt: impersonate] |Enable RPC and RPC out on a linked server |

|sql-enablexp |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enable xp_cmdshell |

|sql-impersonate |[server] [opt: database] |Enumerate users that can be impersonated |

|sql-info |[server] [opt: database] |Gather information about the SQL server |

|sql-links |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate linked servers |

|sql-olecmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command using OLE automation procedures |

|sql-query |[server] [query] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a custom SQL query |

|sql-rows |[server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] |Get the count of rows in a table |

|sql-search |[server] [search] [opt: database] [opt: linkedserver] [opt: impersonate] |Search a table for a column name |

|sql-smb |[server] [\\\\listener] [opt: database] [opt: linkedserver] [opt: impersonate] |Coerce NetNTLM auth via xp_dirtree |

|sql-tables |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate tables within a database |

|sql-users |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Enumerate users with database access |

|sql-whoami |[server] [opt: database] [opt: linkedserver] [opt: impersonate] |Gather logged in user, mapped user and roles |

|sql-xpcmd |[server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] |Execute a system command via xp_cmdshell |

## References

- [SQLRecon](https://github.com/skahwah/SQLRecon) by [@sanjivkawa](https://twitter.com/sanjivkawa)

- [PySQLRecon](https://github.com/Tw1sm/PySQLRecon)

- [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF)