Home Forums SQL Server 2008 T-SQL (SS2K8) How to call a batch file to execute from an SP RE: How to call a batch file to execute from an SP

  • March 27, 2013 at 7:52 am

    #1601157

    mister.magoo (3/27/2013)

    Jeff Moden (3/26/2013)

    mister.magoo (3/26/2013)

    How do we all feel about SQL Agent Jobs and the ability to run operating system commands from them?

    (I know the user running the job will have been configured to have minimal permissions, but it still may have access to resources the attacker wouldn't normally have access to)

    And SSIS packages that can FTP / email / perform file operations / run ad-hoc .net code - are they ok ?

    Don't they also provide the opportunity for an "attacker" known or unknown to perform tasks with permissions other than their own?

    Or how about someone gaining access to your workstation or the server and using SQLCMD mode in SSMS to run operating system commands? (assuming you have already locked down the dos prompt and the windows Run command and the "Run..." command on the windows task manager and the File...Open dialogs in Office)...

    Oh hold on, while I was typing this, someone stole my server...damn it!

    :hehe:

    I'm pretty sure that having xp_CmdShell turned off isn't going to help any of those. 🙂

    No, but to be fair (because tension is high enough in here) no-one has suggested it would, but my unasked question there is "would opc.three also disable these tools?" I doubt it.

    Actually what I am saying is that if you disable xp_cmdshell on all your instances great riches will magically appear in your bank account, great friendship will find you, world peace will descend from the heavens all over the globe, and your instances will automatically be impenetrable from all attackers, internal and external.

    xp_cmdshell is but one attack vector. The others you mentioned also need to be considered and locked down to the best of one's ability in the context of the given environment and the policies and procedures in place. They are actually no less important to do, but it is far less straightforward than simply avoiding xp_cmdshell and taking some of the additional steps I mentioned, and far less of a topic on these forums I might add when it comes to discussing how to get data from instanceA to instanceB with possibly some light transforms in between.

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato