During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The
tester assumes that the service is running with Local System account. How can this weakness be exploited to
access the system?
A.
Using the Metasploit psexec module setting the SA / Admin credential
B.
Invoking the stored procedure xp_shell to spawn a Windows command shell
C.
Invoking the stored procedure cmd_shell to spawn a Windows command shell
D.
Invoking the stored procedure xp_cmdshell to spawn a Windows command shell