Posted by: Pdfprep
Post Date: November 23, 2020
During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account.
How can this weakness be exploited to access the system?
A . Using the Metasploit psexec module setting the SA / Admin credential
B . Invoking the stored procedure xp_shell to spawn a Windows command shell
C . Invoking the stored procedure cmd_shell to spawn a Windows command shell
D . Invoking the stored procedure xp_cmdshell to spawn a Windows command shell
Answer: D
Leave a Reply