This video shows:
– Metasploit auxiliary module MSSQL
– XP_CMDSHELL to interact with SO without tools
– Meterpreter and SQLMAP to exploit MS09-004 thought SQL injection

This and more videos: http://www.el-palomo.com
You can see more videos in: http://www.facebook.com/El.Palomo.Seguridad.Informacion

source