Enable xp_cmdshell using sp_configure

When you install a SQL Server instance, any feature that is not necessary for the core engine to run has been disabled by default. xp_cmdshell is a significant security risk because it allows a compromised SQL Server to elevate the attack to the operating system itself, and from there to the entire network.

You can enable or disable features within your instance by executing the system stored procedure sp_configure with the xp_cmdshell option.

When the xp_cmdshell feature is disabled you will see the following message when it is executed:

Msg 15281, Level 16, State 1, Procedure xp_cmdshell, Line 1

SQL Server blocked access to procedure ‘sys.xp_cmdshell’ of component ‘xp_cmdshell’ because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of ‘xp_cmdshell’ by using sp_configure. For more information about enabling ‘xp_cmdshell’, see “Surface Area Configuration” in SQL Server Books Online.

You can verify that the xp_cmdshell feature featured is disabled by executing the following query:

If the results of the query is 0 then the feature is disabled; if 1 then it is enabled.

In order to enable xp_cmdshell execute the following:

About Carlos Ferreira

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: