SQL - How to convert multiple rows into single rows with more columns?
Hello Everyone,
I have a SQL report which pulls a list of orders. It returns each product on a new row, so orders with multiple products have multiple rows, 5 products max. I need to convert this report into one which has a single row for each order. Please see the attached screen shot showing the format I have and the one that is needed. My Google search pulled up cross-tab SQL queries, but in my case I am not looking to aggregate anything, simply rearrange data. Could someone please advise how this can be accomplished in Microsoft SQL Server 2012 Standard?
Services that support Kerberos authentication require to have a Service Principal Name (SPN) associated to point users to the appropriate resource for connection. Discovery of SPNs inside an internal network is performed via LDAP queries and can assist red teams to identify hosts that are running important services such as Terminal, Exchange, Microsoft SQL etc. and being stealthy at the same time. Furthermore identification of SPNs is the first step to the kerberoasting attack.
SetSPNis a native windows binary which can be used to retrieve the mapping between user accounts and services. This utility can add, delete or view SPN registrations.
1
setspn -T pentestlab -Q */*
Services that are bind to a domain user account and not a computer account are more likely configured with a weak password since the user has selected the password. Therefore services which they have theirCanonical-NametoUsersshould be targeted for Kerberoasting. From the list of SPNs below the servicePENTESTLAB_001is associated with a user account.
GetUserSPNs
Tim Medindeveloped a PowerShell script which is part ofkerberoasttoolkit and can query the active directory to discover only services that are associated with a user account as a more focused approached compared to SetSPN.
1
powershell_import /root/Desktop/GetUserSPNs.ps1
There is also a VBS script which is part of the same tookit and can provide the same information. The script can be executed from the windows command prompt by using the native Windows binarycscript.
1
cscript.exe GetUserSPNs.vbs
PowerShell AD Recon
Similarly to whatTim MedindevelopedSean Metcalfwrote various PowerShell scripts to perform recon against Kerberos. These scripts are part ofPowerShell AD Reconrepository and can query the Active Directory for interesting services such as Exchange, Microsoft SQL, Terminal etc. Sean bind each script to a specific service depending on what SPN the red teamer would like to discover. The following script will identify all the Microsoft SQL instances on the network.
Enumeration of service accounts is important as these accounts might be configured with a weak password. The attributesPasswordLastSetandLastLogoncan provide an indication of services which have a higher possibility to have a weak password set.
PowerShell Empire has also a module which can display Service Principal Names (SPN) for domain accounts. This module is part of theSituational Awarenesscategory and it should be used as stealth network recon in a red team engagement.
1
usemodule situational_awareness/network/get_spn
The services will be presenting in the following format.
PowerShellery
Scott Sutherlandbefore implementing theGet-SPNmodule to Empire had created several Powershell scripts as part ofPowerShellerywhich can gather SPNs for various services. Some of these require PowerShell v2.0 and some other PowerShell v3.0.
1
Get-SPN -type service -search "*"
Results can be also formatted as a table for easier mapping of accounts and services.
1
Get-SPN -type service -search "*"-List yes | Format-Table
There is also an additional script which can obtain the UserSID, the service and the actual User.
1
2
Import-Module .\Get-DomainSpn.psm1
Get-DomainSpn
Impacket
Service Principal Names can be also discovered from non-joined domain systems with the python version ofGetUserSPNswhich is part of impacket. However valid domain credentials are required for communication with the Active Directory as token based authentication cannot be used.