SeeCLRly
Fileless SQL Server CLR-based Custom Stored Procedure Command Execution
For more info about the technique, please visit sekirkity.com
This technique allows commands to be executed on a compromised Microsoft SQL Server in a novel, fileless manner. The PowerShell module consists of two cmdlets:
- New-CLRProcedure - This cmdlet enables CLR stored procedures on the SQL Server, reconfigures it, loads the .NET assembly into memory, then creates a stored procedure from the loaded assembly.
- Invoke-CmdExec - This cmdlet passes a specified command to the previously created stored procedure, where it is then executed.
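Each change New-CLRProcedure makes, as described above, leaves a record in SQL Server's catalog views even though nothing is written to disk. The T-SQL audit below is an added example for defenders, not part of SeeCLRly; it assumes it is run in each database of interest by a login that can view assembly metadata.

```sql
-- Added defensive example (not SeeCLRly code).
-- Run in every user database; results are per database except step 1.

-- 1. Is CLR integration enabled on the instance?
--    value = configured, value_in_use = currently running.
--    The 'clr strict security' row only exists on SQL Server 2017 and later.
SELECT name, value, value_in_use
FROM sys.configurations
WHERE name IN (N'clr enabled', N'clr strict security');

-- 2. User-defined assemblies loaded into this database.
--    UNSAFE or EXTERNAL_ACCESS permission sets and recent create dates
--    deserve a closer look, as does any assembly nobody can account for.
SELECT a.name            AS assembly_name,
       a.permission_set_desc,
       a.create_date,
       a.modify_date,
       f.name            AS registered_source_name
FROM sys.assemblies AS a
LEFT JOIN sys.assembly_files AS f
       ON f.assembly_id = a.assembly_id
      AND f.file_id = 1              -- file_id 1 is the main assembly file
WHERE a.is_user_defined = 1
ORDER BY a.create_date DESC;

-- 3. Stored procedures and functions that are backed by a CLR assembly,
--    with the class and method each one calls.
SELECT SCHEMA_NAME(o.schema_id) AS schema_name,
       o.name                   AS object_name,
       o.type_desc,
       o.create_date,
       a.name                   AS assembly_name,
       a.permission_set_desc,
       m.assembly_class,
       m.assembly_method
FROM sys.assembly_modules AS m
JOIN sys.objects    AS o ON o.object_id   = m.object_id
JOIN sys.assemblies AS a ON a.assembly_id = m.assembly_id
ORDER BY o.create_date DESC;

-- 4. Mitigation if no workload on the instance needs CLR:
--    EXEC sp_configure 'clr enabled', 0;
--    RECONFIGURE;
```

Comparing the output of steps 2 and 3 against a known-good baseline makes an unexpected assembly or CLR procedure stand out.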
Instructions
First, import the module:
import-module SeeCLRly.ps1
Next, use the New-CLRProcedure cmdlet to create a custom stored procedure on the target SQL Server:
Add-CLRProcedure -Server MSSQL
Finally, use the Invoke-CmdExec cmdlet to execute commands on the target server:
Invoke-CmdExec -Server MSSQL -Command "mkdir c:\temp"
Roadmap
- Create another cmdlet to remove the custom stored procedure from the SQL Server
- Allow for the name of the assembly and the stored procedure to be changed via parameters.
Acknowledgements
- Jourdan Templeton for his post on how to connect to a SQL Server in PowerShell.
- Andy Novik for his post on how to pass parameters to a custom stored procedure.
- wald0 for guidance.
- tifkin_ for doing it first.
- Scott Sutherland for his amazing work on PowerUpSQL.
