SQL Server allows DBAs to set databases as “trustworthy”. In a nutshell, that means the trusted databases can access external resources like network shares, email functions, and objects in other databases. This isn’t always bad, but when sysadmins create trusted databases and don’t change the owner to a lower-privileged user, the risks start to become noticeable. In this blog I’ll show how database users commonly created for web applications can be used to escalate privileges in SQL Server when database ownership is poorly configured. This should be interesting to penetration testers, application developers, and dev-ops. Most DBAs already know this stuff.
More here: https://blog.netspi.com/hacking-sql-server-stored-procedures-part-1-untrustworthy-databases/
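An audit query for the misconfiguration described above, added here as an example and not taken from the original post: it lists databases that are marked trustworthy while still owned by a login in the sysadmin role, followed by the two corrective statements. The names `AppDb` and `app_db_owner` are hypothetical placeholders.

```sql
-- Added example (not from the original post).
-- Find databases that are TRUSTWORTHY and owned by a sysadmin login.
SELECT
    d.name                   AS database_name,
    SUSER_SNAME(d.owner_sid) AS owner_login,
    d.is_trustworthy_on,
    d.create_date
FROM sys.databases AS d
WHERE d.is_trustworthy_on = 1
  AND d.name <> N'msdb'  -- msdb ships with TRUSTWORTHY ON by default
  AND IS_SRVROLEMEMBER(N'sysadmin', SUSER_SNAME(d.owner_sid)) = 1
ORDER BY d.name;

-- An owner_sid that no longer maps to a login returns NULL from SUSER_SNAME
-- and is skipped above, so list orphaned owners of trustworthy databases too.
SELECT d.name AS database_name, d.owner_sid
FROM sys.databases AS d
WHERE d.is_trustworthy_on = 1
  AND SUSER_SNAME(d.owner_sid) IS NULL;

-- Remediation for a flagged database.
-- [AppDb] and [app_db_owner] are hypothetical names; the new owner should be
-- a login that holds no server-level roles.
ALTER AUTHORIZATION ON DATABASE::[AppDb] TO [app_db_owner];

-- If the database does not need access to external resources,
-- clear the flag as well.
ALTER DATABASE [AppDb] SET TRUSTWORTHY OFF;
```

Changing the TRUSTWORTHY setting requires sysadmin membership, so run the remediation from an administrative session and re-run the first query afterwards to confirm the database no longer appears.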