==== Gathering information about an SQL Server database ====

\\
Gather SQL Server data and valuable information once a sql-shell is obtained\\
<code sql>
-- Add `FOR XML PATH('')` at the end of every query to get everything as 1 xml string.
-- You can also use `FIELD + ', ' AS 'data()'` to get fields as string.
</code>

Get current User:
<code sql>SELECT CURRENT_USER</code>

Get system logins:
<code sql>SELECT * from master.sys.syslogins</code>

Get all users:
<code sql>SELECT * from master.sys.server_principals</code>

Get Database names:
<code sql>SELECT name FROM master.sys.databases</code>

Get Table names for database:
<code sql>SELECT TABLE_NAME FROM [THEDBNAME].INFORMATION_SCHEMA.TABLES</code>

Get Column names for table:
<code sql>SELECT COLUMN_NAME FROM [THEDBNAME].INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = '[THETABLENAME]'</code>

Get permissions granted on tables as XML (1 string)
<code sql>SELECT * FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES</code>