Some of
the queries in the table below can only be run by an admin. These are marked
with “– priv” at the end of the query.
Misc Tips
In no particular order, here are some suggestions from pentestmonkey readers.
From Dan Crowley:
From Jeremy Bae:
Tip about sp_helpdb – included in table above.
From Trip:
List DBAs (included in table above now):
select name from master..syslogins where sysadmin = ’1′
From Daniele Costa:
Tips on using fn_my_permissions in 2005, 2008 – included in table above.
Also:
To check permissions on multiple database you will have to use the following pattern.
USE [DBNAME]; select permission_name FROM fn_my_permissions (NULL, ‘DATABASE’)
Note also that in case of using this data with a UNION query a collation error could occur.
In this case a simple trick is to use the following syntax:
select permission_name collate database_default FROM fn_my_permissions (NULL, ‘DATABASE’)
