System
These procedures access the Windows operating system directly to return information or to manage files and processes.
- xp_availablemedia: Shows the physical drives on the server.
- xp_cmdshell: Allows execution of operating system commands in the security context of the SQL Server service. The most powerful and widely abused stored procedure.
- xp_displayparamstmt: Older versions are vulnerable to buffer overflow attacks. Undocumented, it can be used to execute SQL queries but its original purpose is unclear.
- xp_dropwebtask: Deletes a defined web job (instruction to render the result of a query into an HTML file).
- xp_enumerrorlogs: Displays the error logs used by SQL Server.
- xp_enumgroups: Lists the Windows user groups defined on the server.
- xp_eventlog: Used to read the Windows event logs.
- xp_execresultset: An undocumented procedure used to execute a number of commands passed as a resultset. Can be abused to quickly perform brute-force attacks against passwords if the password dictionary is available as a resultset.
- xp_fileexist: Tests if a specified file exists on the server's filesystem.
- xp_fixeddrives: Returns information about the server's drives and free space.
- xp_getfiledetails: Returns information about a particular file on the server, such as its size/creation date/last modified.
- xp_getnetname: Shows the server's network name. This could allow an attacker to guess the names of other machines on the network.
- xp_grantlogin: Used to grant a Windows user or group access ...
Get The Database Hacker's Handbook: Defending Database Servers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.