
XP command shell option is enabled on the target machine or not. Next, we are using the sqsh tool in kali machine. This was the demonstration of how to enable XP command shell using the graphical user interface on a Windows MSSQL Server. We can see that we have the XPCmdShellEnabled option set as false.Ĭlicking on the XP command shell option, we change its value from false to true as shown in the figure below. We need to choose the Surface Area Configuration facets from the drop-down menu as shown in the image below.Īfter choosing the surface area configuration facet. It will have a field with the various types of facets available. We need to choose the “Facets” option from this menu as demonstrated below.Ĭlicking on the Facets option will open a new window. Here, we have the SQL Server Instance, we right-click on the instance to find a drop-down menu. we have the SQL instance running as Administrator, we need to access the Object Explorer section. In the demonstration below, we are using the credentials of the SA user to log in on the SQL Server. We should have administrator privileges to enable it. Enabling xp_cmdshellīy default, the function of xp_cmdshell is disabled in the SQL server. Now that we have some knowledge about the xp_cmdshell, we can see how it can be enabled on an SQL server. It was designed so that the developers can use the SQL queries with the system command to automate various tasks that would require additional programming and working. The implementation of the xp_cmdshell can be traced back to SQL Server 6.5. To simplify, we can say that it allows the database administrators to access and execute any external process directly from the SQL Server.

Any output that is generated by it is shown in the format of rows of text. To get the MS-SQL server set up, you can refer to our article: Penetration Testing Lab Setup: MS-SQL.Īccording to the Official Microsoft Documentations, xp_cmdshell is a functionality that spawns a Windows command shell and passes in a string for execution. Table of ContentĪll the demonstrations in this article will present on the MSSQL Server. This article is the series of MSSQL for pentester, here we will discover and exploit the security aspects of the xp_cmdshell functionality.
