
New Article: Exploiting SQL Server via CONTROL SERVER permissions

I have a new article up at MSSQLTips.com, covering what someone can do with CONTROL SERVER. Most folks know to look for changes in the sysadmin role, and knowing this, if I want to cover my tracks I don't want to give a login that membership. However, a lot of folks don't look for CONTROL SERVER permissions and this is a mistake. This article shows the exploit that someone with CONTROL SERVER (or being a member of the securityadmin role) can use to escalate privileges on the server.

Potential Security Exploit Using CONTROL SERVER permissions in SQL Server


K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.
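
An audit query for the check the post recommends, as an added example that is not from the original post or the linked article: it lists server principals that hold CONTROL SERVER alongside members of the sysadmin and securityadmin roles. The column aliases are this example's own, and it reads only the standard catalog views.

```sql
-- Added example: who can take over this instance without being an obvious sysadmin?
-- Requires VIEW ANY DEFINITION (or higher) to see all principals.

SELECT p.name        AS principal_name,
       p.type_desc   AS principal_type,
       p.is_disabled,
       (N'permission: CONTROL SERVER, ' + sp.state_desc)
           COLLATE DATABASE_DEFAULT AS granted_via
FROM sys.server_permissions AS sp
JOIN sys.server_principals  AS p
  ON p.principal_id = sp.grantee_principal_id
WHERE sp.class = 100              -- server-scoped permission
  AND sp.type  = 'CL'             -- CONTROL SERVER
  AND sp.state IN ('G', 'W')      -- GRANT, or GRANT WITH GRANT OPTION

UNION ALL

SELECT m.name,
       m.type_desc,
       m.is_disabled,
       (N'role: ' + r.name) COLLATE DATABASE_DEFAULT
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r
  ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m
  ON m.principal_id = rm.member_principal_id
WHERE r.name IN (N'sysadmin', N'securityadmin')

ORDER BY principal_name, granted_via;

-- Limitations: Windows group members are not expanded (the group itself is
-- listed), and if the grantee is a user-defined server role, its members
-- must be looked up separately in sys.server_role_members.
```

Saving the result set on a schedule and comparing it with the previous run surfaces a new CONTROL SERVER grant the same way a new sysadmin member would be noticed.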


Posted by opc.three on 1 March 2012

Thanks for posting Brian. I added this to my "instance takeover" script to make sure I know which logins have CONTROL SERVER, in addition to knowing who is a member of the sysadmin or securityadmin server roles.
