Re: MSSQL Server Local and Remote exploit(Proof for executingadministrative commands remotely by using SA account)

[Blue Boar <BlueBoar () THIEVCO COM>]

Just a reminder to folks to never trust executable code from the
lists.  I don't know if there is anything wrong with the .exe
that was in the .zip in this message, but you've been warned.
I expect readers to treat it with much suspicion, and analyze
it like it was a piece of malware before attempting to use it.

Also, posters may want to remember that so far the best way to
post an .exe to the list is to put it into a passworded .zip
file.  A few mail gateways have gone off that tired to CC the
list to say that an .exe was attached, and that they were
dropping it.  Not a bad policy in general, depending on one's
userbase.  The original poster has received many more
such replies, I'm sure.  It's also useful to put in
a URL where said file can be found as well, since there
may be a few subscribers who would like to play, but are
behind a mail gateway that doesn't allow such things
through.

                                        BB