lucifer
25-08-2008, 10:28 PM
This stored procedure "xp_cmdshell" is very dangerous instruction when Attacker can guess database's account and using xp_cmdshell to get own shell :P
When Database's admin Disable 'xp_cmdshell', We can't get shell from MSSQL. So we have solution to Enable xp_cmdshell from SQL Injection Vulnerability.
**Hidden Content: Check the thread to see hidden data.**
When Database's admin Disable 'xp_cmdshell', We can't get shell from MSSQL. So we have solution to Enable xp_cmdshell from SQL Injection Vulnerability.
**Hidden Content: Check the thread to see hidden data.**