xp_cmdshell

Rédigé par Sozezzo - - Aucun commentaire

We can spawn a Windows command shell and passes in a string for execution. Any output is returned as rows of text. (msdn)
ex:

xp_cmdshell 'dir C:\'


Set configuration

-- --------------------------------
-- Set Configuration
-- --------------------------------
--

-- To allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1;
GO
-- To update the currently configured value for advanced options.
RECONFIGURE
GO
-- To enable the feature.
EXEC sp_configure 'xp_cmdshell', 1
GO
-- To update the currently configured value for this feature.
RECONFIGURE
--

 

but, we can do more...


-- --------------------------------
-- Get server access by SQL Server
-- --------------------------------
-- User : MyNewUser
-- password : MyP@ss1Word!

xp_cmdshell 'NET USER UserTest MyP@ss1Word! /ADD'
xp_cmdshell 'NET localgroup "Administrators" MyNewUser /ADD'
-- --------------------------------

 

-- --------------------------------
-- Delete user
xp_cmdshell 'NET USER MyNewUser /DELETE
-- --------------------------------

 


-- --------------------------------
-- Get list of logical by SQL Server
-- --------------------------------

xp_cmdshell 'wmic logicaldisk get name'


-- with details
xp_cmdshell 'wmic logicaldisk get name,caption,description,drivetype,providername,volumename,size, freespace'

 

source : https://social.technet.microsoft.com/forums/windowsserver/en-US/a2f8e48e-38fc-4bc6-9e0e-e7cedea83d66/hard-disk-information-from-command-prompt
source : https://ardamis.com/2012/08/21/getting-a-list-of-logical-and-physical-drives-from-the-command-line/

 

Les commentaires sont fermés.