An Example of Invading a Turkish Website
  Add date: 07/14/2008   Publishing date: 07/14/2008   Hits: 155
 
I connected with the SQL Query Analyzer and found several databases; presumably several websites on this server share this SQL server. So I immediately constructed an injection point locally, in preparation for listing directories. The constructed code is as follows:
<%
' conn.asp: opens the ADODB connection (the connection string details were hidden by the author)
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "PROVIDER=SQLOLEDB; DATA; ; ; "
%>
*

I have hidden the real user name and password. Here I will explain how to use this MSSQL user name and password. First we construct a file with an injection vulnerability, sql.asp; the code is as follows:

*
<!--#include file="conn.asp"-->
<%
Dim rs, strSQL, id
Set rs = Server.CreateObject("ADODB.Recordset")
' id comes straight from the request and is concatenated unfiltered (the injection point)
id = Request("id")
strSQL = "select * from PE_GuestBook where GuestID=" & id
rs.Open strSQL, conn, 1, 3
rs.Close
%>

*

Here we can see that the value of request("id") is used directly without any filtering, which constitutes an injection vulnerability. At the top, this file includes conn.asp; the two files are placed in the same directory. Here I placed them under the web directory set up on this machine and tested with D; the address is http://127.0.0.1/sql.asp?id=1. Because sql.asp obviously has the injection vulnerability and also includes conn.asp, a single test shows that the injection exists, as in Figure 1.
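
For contrast, here is the same query written so that id cannot alter the SQL text. This is an added example, not the article author's code; it assumes conn.asp opens an ADODB.Connection named conn as above and that GuestID is an integer column.

```asp
<!--#include file="conn.asp"-->
<%
' Added example: hardened variant of sql.asp.
' Assumptions: conn is the open ADODB.Connection from conn.asp,
' and PE_GuestBook.GuestID is an integer column.
Const adCmdText = 1      ' CommandTypeEnum
Const adInteger = 3      ' DataTypeEnum
Const adParamInput = 1   ' ParameterDirectionEnum

Dim re, id, cmd, rs

' Read only from the query string; & "" coerces a repeated parameter
' (a collection) to a single string, which the check below rejects.
id = Trim(Request.QueryString("id") & "")

' Allow-list check: 1 to 9 decimal digits, so CLng cannot overflow and
' forms that IsNumeric would accept (hex, exponent, currency) are refused.
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
If Not re.Test(id) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' Parameterized query: the value travels as a typed parameter and is
' never concatenated into the SQL text.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT * FROM PE_GuestBook WHERE GuestID = ?"
cmd.Parameters.Append cmd.CreateParameter("GuestID", adInteger, adParamInput, , CLng(id))

Set rs = cmd.Execute()
rs.Close
conn.Close
%>
```

In the scenario above the injectable page was built on purpose around credentials already obtained, so on a real server the damage is bounded by the privileges of the login in conn.asp. A web application login that cannot run backups and is not SA removes the later steps this page describes.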



PS: Friends who have read my earlier articles will certainly find this familiar, because I have already used this trick before. I am writing it up again here partly as a review for myself and partly to explain it to friends once more.

Since this is DB permission, what we most commonly do is list directories and then use a backup to obtain a webshell. After looking for quite a while I finally found that the website root directory was D:\Inetpub\sevi. To avoid a mistake I also tried several others, and once I had confirmed it was the web directory I immediately used a SQL backup. I will not write the statements here; I wrote them out at great length in my previous article about penetrating "hacker wind and cloud", and friends who do not understand can look there. Because I ran the backup directly with statements, a small webshell was successfully backed up to the server, as in Figures 2 and 3.



 



After uploading the larger webshell, I found that the server unexpectedly did not support Chinese, which made it very uncomfortable to read. Still, some things could be browsed. Looking under the web directory, the server had 7 or 8 websites in total that could be browsed. I casually looked at one site and found that its SQL password was different from mine, so I connected with the SQL Query Analyzer and found that this one unexpectedly had SA permission, as in Figure 4.



But when I used the xp_cmdshell stored procedure to execute commands, I found that the administrator had deleted xplog70.dll. Damn.

But it does not matter: I still have SP_OAcreate available, and SP_OAcreate can likewise execute system commands.

 