forked from MrAnde7son/PowerShell
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAutheticate-SQL.ps1
51 lines (44 loc) · 1.34 KB
/
Autheticate-SQL.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
Function Autheticate-SQL
{
<#
.SYNOPSIS
This tool provides an easy way, once inside a Windows network, to try and achieve a privileged domain user account.
Author: Itamar Mizrahi (@MrAnde7son)
License: GNU v3
Required Dependencies: None
Optional Dependencies: None
.DESCRIPTION
.PARAMETER Password
Password to try and use for domain users
.EXAMPLE
#>
[CmdletBinding()]
param
(
[parameter(Mandatory=$True, Position=0, ValueFromPipeline=$True)]
[String]$ComputerName,
[parameter(Mandatory=$True, Position=1)]
[String]$UserName,
[parameter(Mandatory=$False, Position=2)]
[String]$Password
)
$connection = New-Object -TypeName System.Data.SqlClient.SqlConnection
$connectionString = "Data Source=$ComputerName;Initial Catalog=master;User Id=$UserName;Password=$Password"
$connection.ConnectionString = $connectionString
$command = $connection.CreateCommand()
$query = "select * from logins"
$command.CommandText = $query
try {
$connection.Open()
if($connection.State -eq "Open")
{
return $True
}
}
catch {
return $False
}
finally{
$connection.Close()
}
}