During a penetration test, a tester finds a target that is running MS SQL 2000 with default
credentials. The tester assumes that the service is running with Local System account. How
can this weakness be exploited to access the system?

A.
Using the Metasploit psexec module setting the SA / Admin credential

B.
Invoking the stored procedure xp_shell to spawn a Windows command shell

C.
Invoking the stored procedure cmd_shell to spawn a Windows command shell

D.
Invoking the stored procedure xp_cmdshell to spawn a Windows command shell