利用SQL注入获取服务器最高权限_MySQL
单位有台数据库服务器(windows 2000 操作系统,sql server 2000)
前段时间莫名其妙的被攻击了
跑到机房,通过PE进去一看,发现多了一个账户(SQLDEBUG)。并且administrator账户被禁用了
看看数据没少,也没太在意。利用PE把账户破解了一下,就回单位了
今晚回来刚好要去数据库服务器上,下个数据库备份文件。结果发现密码又登陆不了。
不祥预感出来了。难道我又要坐3个小时汽车去机房?
最关键的是,前段时间刚去过机房。星期一又去 。丢不起这个人呐!
第一反应想、。应该是上次那个问题
谷歌了下发现SQL 2000下默认是启用“xp_cmdshell”
从这个文件命名就知道威力有多大了。。
将信将疑的试了试(这个时候虽然服务器密码被改了,但是数据库SA密码还是正常的)
Exec master..xp_cmdshell 'net user abc 3388/add'
看到上面命令太熟了。以前做过在win7下破解登陆密码也是这个原理
在数据库一运行,再到系统登录进去了!!
果然服务器上面有一个SQLDEBUG账户就在上面。
后面么,就是通过命令把刚才手动创建的用户那啥啥啥
(不说了太细了,怕害人。有需要可以微博私心我。)
一切OK
心里一阵冷汗,庆幸服务器是2000系统,没有远程桌面的。
要不然人家拿到账户直接远程上来,完全可以删除数据。而且是为所欲为
好了讲下如何防止把
首先把这个xp_cmdshell 存储过程禁用。命令如下:
USE master
GO
EXEC sp_dropextendedproc 'xp_cmdshell'
GO
但是你只禁用根本没有用,因为人家能够还原回来。命令如下:
USE master
GO
EXEC sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'
GO
最关键还是xplog70.dll 这个DLL。路径:
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\xplog70.dll
把这个DLL删除或者改名字就可以了。
(切记一定要把SQL server 服务停止,不然你改名字是没用的。表面上改过了,实际上还是那个名字)
为保险期间,再试试上面创建账户的密码。果然不能创建!OK
其实win7密码破解也是同样的原理。
以上就是利用SQL注入获取服务器最高权限_MySQL的内容,更多相关内容请关注PHP中文网(www.php.cn)!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1665
14
1423
52
1321
25
1269
29
1249
24
Laravel Introduction Example
Apr 18, 2025 pm 12:45 PM
Laravel is a PHP framework for easy building of web applications. It provides a range of powerful features including: Installation: Install the Laravel CLI globally with Composer and create applications in the project directory. Routing: Define the relationship between the URL and the handler in routes/web.php. View: Create a view in resources/views to render the application's interface. Database Integration: Provides out-of-the-box integration with databases such as MySQL and uses migration to create and modify tables. Model and Controller: The model represents the database entity and the controller processes HTTP requests.
MySQL and phpMyAdmin: Core Features and Functions
Apr 22, 2025 am 12:12 AM
MySQL and phpMyAdmin are powerful database management tools. 1) MySQL is used to create databases and tables, and to execute DML and SQL queries. 2) phpMyAdmin provides an intuitive interface for database management, table structure management, data operations and user permission management.
MySQL vs. Other Programming Languages: A Comparison
Apr 19, 2025 am 12:22 AM
Compared with other programming languages, MySQL is mainly used to store and manage data, while other languages such as Python, Java, and C are used for logical processing and application development. MySQL is known for its high performance, scalability and cross-platform support, suitable for data management needs, while other languages have advantages in their respective fields such as data analytics, enterprise applications, and system programming.
Solve database connection problem: a practical case of using minii/db library
Apr 18, 2025 am 07:09 AM
I encountered a tricky problem when developing a small application: the need to quickly integrate a lightweight database operation library. After trying multiple libraries, I found that they either have too much functionality or are not very compatible. Eventually, I found minii/db, a simplified version based on Yii2 that solved my problem perfectly.
Laravel framework installation method
Apr 18, 2025 pm 12:54 PM
Article summary: This article provides detailed step-by-step instructions to guide readers on how to easily install the Laravel framework. Laravel is a powerful PHP framework that speeds up the development process of web applications. This tutorial covers the installation process from system requirements to configuring databases and setting up routing. By following these steps, readers can quickly and efficiently lay a solid foundation for their Laravel project.
Solve MySQL mode problem: The experience of using the TheliaMySQLModesChecker module
Apr 18, 2025 am 08:42 AM
When developing an e-commerce website using Thelia, I encountered a tricky problem: MySQL mode is not set properly, causing some features to not function properly. After some exploration, I found a module called TheliaMySQLModesChecker, which is able to automatically fix the MySQL pattern required by Thelia, completely solving my troubles.
MySQL: Structured Data and Relational Databases
Apr 18, 2025 am 12:22 AM
MySQL efficiently manages structured data through table structure and SQL query, and implements inter-table relationships through foreign keys. 1. Define the data format and type when creating a table. 2. Use foreign keys to establish relationships between tables. 3. Improve performance through indexing and query optimization. 4. Regularly backup and monitor databases to ensure data security and performance optimization.
MySQL: Key Features and Capabilities Explained
Apr 18, 2025 am 12:17 AM
MySQL is an open source relational database management system that is widely used in Web development. Its key features include: 1. Supports multiple storage engines, such as InnoDB and MyISAM, suitable for different scenarios; 2. Provides master-slave replication functions to facilitate load balancing and data backup; 3. Improve query efficiency through query optimization and index use.
