Introduction to MSSQL/SQL Server

SQL is a standardized language for interacting with relational databases. The five most common relational database management systems (as of Dec 15, 2022) are:

  1. Oracle
  2. MySQL
  3. Microsoft SQL Server
  4. PostgreSQL
  5. IBM Db2

In this module, we will focus on blind SQL injection attacks, using examples in Microsoft SQL Server (MSSQL). We will also cover MSSQL-specific attacks. Because SQL is standardized, the attacks taught in this module can be easily adapted to work against other relational databases.

Interacting with MSSQL Server Using PowerShell

sqlcmd -S '10.129.24.65' -U 'thomas' -P 'TopSecretPassword23!' -d bsqlintro -W

Let’s list all the database tables:

SELECT * FROM INFORMATION_SCHEMA.TABLES;

Now let’s select the first 3 records in the USERS table:

SELECT TOP 3 * FROM USERS;

Now let’s select specific columns.

SELECT TOP 3 users.username,users.password FROM USERS;
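
Added example (not part of the original module): before picking specific columns, INFORMATION_SCHEMA.COLUMNS shows which columns each table has and their types. It assumes the USERS table and the username and password columns from the queries above. Sorting by username is an assumption, added because TOP without ORDER BY returns rows in no guaranteed order.

```sql
-- List every base table together with its columns, in definition order.
-- INFORMATION_SCHEMA.TABLES also returns views; TABLE_TYPE filters them out.
SELECT t.TABLE_SCHEMA,
       t.TABLE_NAME,
       c.ORDINAL_POSITION,
       c.COLUMN_NAME,
       c.DATA_TYPE,
       c.CHARACTER_MAXIMUM_LENGTH,
       c.IS_NULLABLE
FROM INFORMATION_SCHEMA.TABLES AS t
JOIN INFORMATION_SCHEMA.COLUMNS AS c
  ON c.TABLE_SCHEMA = t.TABLE_SCHEMA
 AND c.TABLE_NAME   = t.TABLE_NAME
WHERE t.TABLE_TYPE = 'BASE TABLE'
ORDER BY t.TABLE_SCHEMA, t.TABLE_NAME, c.ORDINAL_POSITION;
GO

-- Same column selection as above, with an explicit sort so the
-- three returned rows are the same on every run (sort key is an assumption).
SELECT TOP 3 u.username, u.password
FROM USERS AS u
ORDER BY u.username;
GO
```

GO is the sqlcmd batch separator; each batch runs when sqlcmd reads it.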
