Abusing SQL Server Trusts in a Windows Domain
What about this course?
MS SQL Server is widely used in enterprise networks. Due to its use by third-party applications, support for legacy applications, and use as a database, SQL Server is a treasure trove for attackers. It gets integrated within an active directory environment very well, which makes it an attractive target for abuse of features and privileges. In this training, we will see that how to attack a SQL Server not only as an individual service but as a part of the enterprise network. We will discuss the mutual trust which SQL Server has with domain, users and how linked SQL Servers can be abused. We will perform enumeration and scanning, privilege escalation, and post-exploitation tasks like Domain Privilege Escalation, identifying juicy information, Command Execution, retrieving system secrets, lateral movement, persistence, and more. <p> </p> <p><span style="font-size:18px"><span style="color:#e74c3c"><strong>IMPORTANT INFORMATION!</strong></span></span></p> <p><span style="color:#dddddd"><strong>As of January 15th 2023, Pentester Academy & INE no longer offers:</strong></span></p> <li><span style="color:#dddddd"><strong>Enterprise Security Labs (Active Directory/Red Team Labs & Courses)</strong></span></li> <li><span style="color:#dddddd"><strong>Active Directory/Azure Bootcamps and its associated certifications (CRTP/CRTE/PACES/LinuxAD/CARTP/CAWASP)</strong></span></li> <p><span style="color:#dddddd"><u><strong>Prior to April 18th 2023, all current subscribers will still be able to access this course, after which it will be no longer available.</strong></u></span></p>

Instructor for this course
Nikhil Mittal
InfoSec Researcher
This course is composed by the following modules
Course Introduction
MS SQL Server Basics
Powershell Role and Introduction
Discovering SQL Server within the Domain
Bruteforce Attacks on SQL Server
Post Exploitation Data Enumeration
Privilege Escalation: Impersonation
Privilege Escalation: Trustworthy Property
Command Execution Part 1
Command Execution Part 2
Mapping Trusts
Exploiting Database Links
Privilege Escalation: Miscellaneous Techniques
Persistence
Defenses
Course Conclusion
Common Course Questions
If you have a question you don’t see on this list, please visit our Frequently Asked Questions page by clicking the button below.
If you’d prefer getting in touch with one of our experts, we encourage you to call one of the numbers above or fill out our contact form.
Do you offer training for all student levels?