xp_cmdshell

will run using the sql service credentials

xp_cmdshell ‘whoami’ to check this

if not an admin will run using the proxy account – check security -> ##xp_cmdshell_proxy_Account##

working folder can be found xp_cmdshell ‘dir’ likely to be system32

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: