If the policy on the server allows execution of xp_cmdshell then can find out the windows user that owns the spawned shell to handle OS commands executed from within sql server context
EXEC xp_cmdshell 'whoami'
to get the value into a variable can do following
DECLARE @whoisit nvarchar(4000)
CREATE TABLE #test ( output nvarchar(4000) null )
INSERT INTO #test (output)
EXEC xp_cmdshell 'whoami'
SELECT top 1 @whoisit = output
FROM #test
WHERE output IS NOT NULL
SELECT @whoisit "whoisit"
DROP TABLE #test
No comments:
Post a Comment