Hack yourself in to get sysadmin rights on a sql server

Daar we hier op ons project geen enkele account met sysadmin-access hebben op de sql servers (die zijn overgekocht van het andere bedrijf), moest deze morgen alles even “gehacked” worden om toch volledige toegang te krijgen.

Problem: you don’t have sysadmin access to a sql server
you need: a recent backup from the master database + a normal sql user account

procedure:
1. Restore that recent backup on another sql server with another name
2. open table sysxlogins in the master database and change the xstatus-column to 18 for a known user-account.
status 18 = binair 10010 = you get sysadmin permission + you get access (see read more for more options)

3. dettach this database from the server and copy the master.mdf and mastlog.ldf file to the locked sql server
4. On the locked server you have to stop the sql server service and overwrite the original master.mdf and mastlog.ldf files
5. Startup the service again and log in with the known useraccount and you will see that you have now sysadmin access on that server!


xstatus column
Purpose Bit Description
denylogin 1 Indicates whether the login account is permitted access to the server.
hasaccess 2 Indicates whether the login account is permitted access to the server.
isntname 3 Is the name a Windows NT account name?
isntuser 4 Is the account a Windows NT user account?
sysadmin 5
0 = not a member
1 = is a member
securityadmin 6
serveradmin 7
setupadmin 8
processadmin 9
diskadmin 10
dbcreator 11
bulkadmin 12


Gerelateerde berichten

Herman Maes - online marketeer seo freelancer

Herman Maes

Online marketeer en (tech)blogger sinds 2002. Zelfstandige in bijberoep met Daily Bits sinds 2012. Overdag SEO/Hubspot/Marketing Technology Teamlead en thuis de papa van een zoon en een dochter.

One comment

Submit a comment

Het e-mailadres wordt niet gepubliceerd. Verplichte velden zijn gemarkeerd met *