SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  SMB Request with xp_cmdshell Stored Procedure Call 2

Category: INFO      

xp_cmdshell is essentially a mechanism to execute arbitrary calls into the system using either the SQL Server context (i.e. the Windows account used to start the service) or a proxy account that can be configured to execute xp_cmdshell using different credentials. Because of its nature, xp_cmdshell is very flexible as it allows users to execute any arbitrary command using the system (or proxy) context without any good way to limit this flexibility, pretty much opening the door for abusing it.

References
http://en.wikipedia.org/wiki/SQL_injection


Relevant Information