Description: In this video you will learn how to get a Meterpreter shell via the Database Link Crawler SQLi module. If you have found a vulnerability in SQL Server, how can you take advantage of it? You can dump all the databases, and then what? This module helps you get a Meterpreter shell by crawling the database: the crawler finds sysadmin privileges, and using those privileges and an error-based method you can inject your payload and get a Meterpreter shell.
This module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges via SQL injection. If you are attempting to obtain multiple reverse shells using this module, we recommend setting the "DisablePayloadHandler" advanced option to "true" and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers, this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32-bit and 64-bit Windows systems via PowerShell memory injection methods based on Matthew Graeber's work. As a result, the target server must have PowerShell installed. By default, all of the crawl information is saved to a CSV-formatted log file and MSF loot, so the tool can also be used for auditing without deploying payloads. The module supports error-, union-, and time-based SQL injection. However, be aware that the module will not discover SQL injection for you. Below are a few basic examples of how to set the GET_PATH parameter correctly for each type of injection.
Source & Module: https://github.com/nullbind/Metasploit-Modules/blob/master/mssql_linkcrawler_sqli.rb
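For the auditing side of the link configuration described above, the following query is an added example (it is not part of the module or the video) that lists each linked server on an instance and flags login mappings that use a stored remote login, which is the kind of link that can carry elevated privileges to the next server. It assumes you run it on each instance with permission to view server-level metadata, and it uses only the built-in catalog views sys.servers, sys.linked_logins and sys.server_principals.

```sql
-- Added audit example: inventory of linked servers and their login mappings.
-- Run locally on each SQL Server instance; nothing is executed over the links.
SELECT
    s.name                        AS linked_server,
    s.product,
    s.provider,
    s.data_source,
    s.is_data_access_enabled,     -- link can be queried (OPENQUERY, four-part names)
    s.is_rpc_out_enabled,         -- link allows remote procedure execution
    CASE WHEN ll.local_principal_id = 0
         THEN '(all logins without an explicit mapping)'
         ELSE sp.name
    END                           AS local_login,
    ll.uses_self_credential,
    ll.remote_name                AS stored_remote_login,
    CASE
        WHEN ll.uses_self_credential = 1
            THEN 'caller''s own credentials are passed through'
        WHEN ll.remote_name IS NOT NULL AND ll.local_principal_id = 0
            THEN 'REVIEW: every unmapped local login uses one stored remote login'
        WHEN ll.remote_name IS NOT NULL
            THEN 'REVIEW: stored remote login for this local login'
        ELSE 'no stored credential for this mapping'
    END                           AS finding,
    ll.modify_date
FROM sys.servers AS s
JOIN sys.linked_logins AS ll
    ON ll.server_id = s.server_id
LEFT JOIN sys.server_principals AS sp
    ON sp.principal_id = ll.local_principal_id
WHERE s.is_linked = 1
ORDER BY s.name, local_login;
```

For each row marked REVIEW, check on the remote server that the stored remote login is not a member of the sysadmin role, and disable data access or RPC out on links that do not need them.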
Tags: hacking, hack, sql-server, microsoft, sql-injection, error-based