Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Nmap NSE net: ms-sql-xp-cmdshell

Information

Severity

Severity

Medium

Family

Family

Nmap NSE net

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Mitigation

Created

Created

12 years ago

Modified

Modified

5 years ago

Summary

Attempts to run a command using the command shell of Microsoft SQL Server (ms-sql). The script needs an account with the sysadmin server role to work. It needs to be fed credentials through the script arguments or from the scripts 'ms-sql-brute' or 'ms-sql-empty- password'. When run, the script iterates over the credentials and attempts to run the command until either all credentials are exhausted or until the command is executed. SYNTAX: mssql-xp-cmdshell.cmd: specifies the OS command to run. (default is ipconfig /all) mssql.timeout: How long to wait for SQL responses. This is a number followed by 'ms' for milliseconds, 's' for seconds, 'm' for minutes, or 'h' for hours. Default: '30s'. mssql.password: specifies the password to use to connect to the server. This option overrides any accounts found by the 'ms-sql-brute' and 'ms-sql-empty-password' scripts. mssql.username: specifies the username to use to connect to the server. This option overrides any accounts found by the 'ms-sql-brute' and 'ms-sql-empty-password' scripts.