LOLBAS/yml/OtherMSBinaries/Sqlps.yml

17 lines
461 B
YAML

---
Name: Sqlps.exe
Description: Execute, evade logging
Author: ''
Created: '2018-05-25'
Categories: []
Commands:
- Command: Sqlps.exe -noprofile
Description: Drop into a SQL Server PowerShell console without Module and ScriptBlock Logging.
Full Path:
- C:\Program files (x86\Microsoft SQL Server\100\Tools\Binn\sqlps.exe
Code Sample: []
Detection: []
Resources:
- https://twitter.com/bryon_/status/975835709587075072
Notes: Thanks to Bryon - @bryon_