David Lister from SQL Services ... Info on Breaking into SQL ;)
PSExec tool gives you an option to run a
remote process or an application using System account, if SYSTEM account has
permission on that application. Although there are many more features that
are
For example, if SQL Server has NT
AUTHORITY\SYSTEM as one of its logins, then you can use this account to login
to SQL Server. However, you can’t use SQL Server Management Studio or sqlcmd to
login to SQL Server using NT AUTHORITY\SYSTEM. Try it yourself!
However, PSExec gives you an opportunity to
login to SQL Server using NT AUTHORITY\SYSTEM. Once you download PSExec tool
bundle from http://technet.microsoft.com/en-us/sysinternals/bb897553.aspxuse
command prompt and type following command:
D:\PSTools>psexec -i -s "C:\Program
Files (x86)\Microsoft SQL
Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"
Here,
–i allow the program to run so that it
interacts with the desktop of the specified session on the remote system. If no
session is specified the process runs in the console session.
-s runs the process in SYSTEM account.
The above command will launch SQL Server
Management Studio and gives you a “Connect to Server” window and the User Name
will be pre-populated with NT AUTHORITY\SYSTEM. If NT AUTHORITY\SYSTEM has a
login authority to the server, you will be able to login to the SQL Server. If
you do not use “–i” switch, you won’t be able to launch management studio! So,
make sure you use –i and –s both!
However, if there is a deny to this login,
for example because of Trigger etc., then you won’t be able to login to SQL
Server using this technique.
1 comment:
Incredible post! This is really nice
table presentation on different Versions and service packs of SQL.
I appreciated your way of presenting about SQL. Thanks for posting.Keep it.up.
sql server
Post a Comment