PowerUpSQL v1.104.13 releases: A PowerShell Toolkit for Attacking SQL Server

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on the scale. It is intended to be used during internal penetration tests and red team engagements. However, PowerUpSQL also includes many functions that could be used by administrators to quickly inventory the SQL Servers in their ADS domain.

Function Categories

Below is a list of PowerUpSQL function categories. The categories are loosely mapped to common SQL Server attack workflows. Each page contains a list of the associated functions that can be used during testing.

Changelog v1.104.13

  • add redbeam default credentials to get-sqlserverlogindefaultpw

Download

git clone https://github.com/NetSPI/PowerUpSQL.git

Usage

Setting Up PowerUpSQL

  • Option 1: Install it from the PowerShell Gallery. This requires local administrative privileges and will permanently install the module.
    Install-Module -Name PowerUpSQL
  • Option 2: Download the project and import it. This does not require administrative privileges and will only be imported into the current session. However, it may be blocked by restrictive execution policies.
    Import-Module PowerUpSQL.psd1
  • Option 3: Load it into a session via a downloading cradle. This does not require administrative privileges and will only be imported into the current session. It should not be blocked by executions policies.IEX(New-Object System.Net.WebClient).DownloadString(“https://raw.githubusercontent.com/NetSPI/PowerUpSQL/master/PowerUpSQL.ps1”) Note: To run as an alternative domain user, use the run as command to launch PowerShell first.runas /noprofile /netonly /user:domain\user PowerShell.exe

Getting Command Help

  • To list functions from the module, type: Get-Command -Module PowerUpSQL
  • To list help for a function, type: Get-Help FunctionName

Tutorial

Copyright (c) 2018, NetSPI
All rights reserved.

Source: https://github.com/NetSPI/

Share