-- Server Version
SELECT @@VERSION;
SELECT SERVERPROPERTY('InstanceName'),SERVERPROPERTY('MachineName'),SERVERPROPERTY('IsClustered');
exec sp_configure 'show advanced options',1;RECONFIGURE
-- Enumerate DBs
SELECT name, state_desc, recovery_model_desc FROM sys.databases ORDER BY name;
-- Trustworthy DBs
SELECT a.name AS 'database', b.name AS 'owner', is_trustworthy_on FROM sys.databases a JOIN sys.server_principals b ON a.owner_sid = b.sid;
-- Enumerate Tables
select table_name from information_schema.tables;
-- list server-level roles
EXEC sp_helpsrvrolemember;
-- Context + toggles snapshot
SELECT @@SERVERNAME AS server_name, SYSTEM_USER AS system_user, SUSER_SNAME() AS suser_sname, ORIGINAL_LOGIN() AS original_login, HOST_NAME() AS host_name, @@VERSION AS version;
SELECT name, value_in_use FROM sys.configurations WHERE name IN ('Ad Hoc Distributed Queries','xp_cmdshell','Ole Automation Procedures','clr enabled','clr strict security','external scripts enabled','cross db ownership chaining','remote access') ORDER BY name;
-- Roles snapshot
SELECT rp.name AS role_name, m.name AS member FROM sys.server_role_members rm JOIN sys.server_principals rp ON rm.role_principal_id = rp.principal_id JOIN sys.server_principals m ON rm.member_principal_id = m.principal_id ORDER BY rp.name, m.name;
RED TEAM / SQL / MSSQL / ENUMERATION