BlogNews

a C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation

Description

A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the wiki.

You can grab a copy of SQLRecon from the releases page. Alternatively, feel free to compile the solution yourself This should be as straight forward as cloning the repo, double clicking the solution file and building.

  • -a – Authentication Type
    • -a Windows – Use Windows authentication. This uses the current users token.
    • -a Local – Use local authentication. This requires the credentials for a local database user.
    • -a Azure – Use Azure AD domain username and password authentication. This requires the credentials for a domain user.

If the authentication type is Windows, then you will need to supply the following parameters.

  • -s SERVERNAME – SQL server hostname
  • -d DATABASE – SQL server database name
  • -m MODULE – The module you want to use

If the authentication type is Local, then you will need to supply the following parameters.

  • -d DATABASE – SQL server database name
  • -u USERNAME – Username of local SQL user
  • -p PASSWORD – Password of local SQL user
  • -m MODULE – The module you want to use

If the authentication type is Azure, then you will need to supply the following parameters.

  • -d DATABASE – SQL server database name
  • -r DOMAIN.COM – FQDN of Domain
  • -u USERNAME – Username of domain user
  • -p PASSWORD – Password of domain user
  • -m MODULE – The module you want to use

wiki. for detailed examples.

https://github.com/skahwah/SQLRecon


Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button