Shulou(Shulou.com)06/03 Report--

Reset password

Exec sp_password null,' new password', 'sa'

Execute system command

(1) exec xp_cmdshell 'Command to be executed'

(2) declare @ shell int

Exec sp_oacreate 'wscript.shell',@shell out

Exec sp_oamethod @ shell, 'system commands to be executed by run',null,''

Exec sp_oamethod @ shell, 'run',null,'c:\ windows\ system32\ cmd.exe / c net user kkk zzz / add'

Exec sp_oamethod @ shell, 'run',null,'c:\ windows\ system32\ cmd.exe / c net localgroup administrators kkk / add'

(3) use msdb

Exec sp_add_job @ job_name='ok1'

Exec sp_add_jobstep @ job_name='ok1',@step_name = 'okok',@subsystem='CMDEXEC',@command='net user ok 123 / add'

Exec sp_add_jobserver @ job_name = 'ok1',@server_name =' WWW-84937FCF932'

Exec sp_start_job @ job_name='ok1'

(4) exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\ Microsoft\ Jet\ 4.0\ Engines','SandBoxMode','REG_DWORD',0-- enables sand table mode

Exec master.dbo.xp_regread 'HKEY_LOCAL_MACHINE','SOFTWARE\ Microsoft\ Jet\ 4.0\ Engines',' SandBoxMode'-- to view the status of the sand table mode

Select * From OpenRowSet ('Microsoft.Jet.OLEDB.4.0',';Database=c:\ windows\ system32\ ias\ ias.mdb','select shell ("net user 12321 / add")');-- create a user with a user name of 123

1. If sandboxie protection mode is not "turned off", an error will be reported:

Server: message 7357, level 16, status 2, line 1

Failed to process object 'select shell (' cmd.exe / c net user user passwd / add'). The OLE DB provider 'microsoft.jet.oledb.4.0' indicates that there are no columns in the object.

OLE DB error tracking [Non-interface error: OLE DB provider unable to process object, since the object has no columnsProviderName='microsoft.jet.oledb.4.0', Query=select shell ("cmd.exe / c net user user passwd / add")'].

two。 If .mdb does not exist or enter the wrong path

Server: message 7399, level 16, status 1, line 1

The OLE DB provider 'microsoft.jet.oledb.4.0' reported an error.

[OLE/DB provider returned message: cannot find the file 'CRADOWSSystem32iasdnary1.mdb'.]

OLE DB error tracking [OLE/DB Provider 'microsoft.jet.oledb.4.0' IDBInitialize::Initialize returned 0x80004005:].

3. If you add more spaces in the input process, you will also report an error. Pay particular attention to this point, many people directly look for articles online to copy and paste into the implementation.

Server: message 7357, level 16, status 2, line 1

Failed to process object 'select shell (' cmd.exe / c net user user passwd / add'). The OLE DB provider 'microsoft.jet.oledb.4.0' indicates that there are no columns in the object.

OLE DB error tracking [Non-interface error: OLE DB provider unable to process object, since the object has no columnsProviderName='microsoft.jet.oledb.4.0', Query=select shell ("cmd.exe / c net user user passwd / add")'].

4. If the mdb permissions and cmd.exe permissions are not correct, the problem will also occur.

When mdb permissions are incorrect

Server: message 7320, level 16, status 2, line 1

Failed to execute query against OLEDB provider 'Microsoft.Jet.OLEDB.4.0'.

[OLE/DB provider returned message: unknown]

OLEDB error tracking [OLE/DB Provider 'Microsoft.Jet.OLEDB.4.0' ICommandText::Execute returned 0x80040e14]

View user permissions

Sp_helprotect null,' user name'

Open the xp_cmdshell of sql2005

-allow configuration of advanced options

EXEC sp_configure 'show advanced options', 1

GO

-- reconfigure

RECONFIGURE

GO

-- enable xp_cmdshell

EXEC sp_configure 'xp_cmdshell', 1

GO

-- reconfigure

RECONFIGURE

GO

-- execute the desired xp_cmdshell statement

Exec xp_cmdshell 'query user'

GO

-- after using it, remember to disable xp_cmdshell (for security reasons)

-- disable xp_cmdshell

EXEC sp_configure 'xp_cmdshell', 0

GO

-- reconfigure

RECONFIGURE

GO

-- disable configuration advanced options

EXEC sp_configure 'show advanced options', 0

GO

-- reconfigure

RECONFIGURE

GO

View the mssql operation log

SELECT * FROM fn_dblog (null,null)

Commands for attaching databases

OSQL-U sa-P (enter)

1 > sp_attach_db @ dbname = Numberxxx'

2 > @ filename1 = Numberx:\ xxx\ xxx\ xxx.mdf'

3 > @ filename2 = Numberx:\ xxx\ xxx\ xxx.ldf'

4 > go

Shrink the database

Dbcc shrinkdatabase ('db_name')

Extended database file

Alter database db_customsms add file (NAME=db_customsms_data,FILENAME='D:\ MSDE\ MSSQL\ Data\ db_customsms_data3.mdf')

The data in the export table is txt

Bcp "Northwind.dbo.Customers" out "d:\ customers.txt"-c-Usa-Psa

Bcp "select * from Northwind" queryout "d:\ customers.txt"-c-Usa-Psa

Delete xp_cmdshell

EXEC sp_dropextendedproc 'xp_cmdshell'

Restore xp_cmdshell

EXEC sp_addextendedproc xp_cmdshell, @ dllname = 'xplog70.dll'

Get the current server system time

The name of any table in select getdate () from

Restore xp_cmdshell

Dbcc addextendedproc ("xp_cmdshell", "xplog70.dll")

View database connections

Select @ @ connections

Exec sp_who 'active'

Add mssql cach

Exec sp_configure 'show advanced options',1

Reconfigure

Exec sp_configure 'max server memory',512

Reconfigure

View the path where the database is currently in use

Select * from sysfiles

Restore the sp_addextendedproc statement:

Create procedure sp_addextendedproc-20:13 on 1996-08-30

@ functname nvarchar, / (owner.) name of function to call /

@ dllname varchar / name of DLL containing function /

As

Set implicit_transactions off

If @ @ trancount > 0

Begin

Raiserror (15002)

Return (1)

End

Dbcc addextendedproc (@ functname, @ dllname)

Return (0)-sp_addextendedproc

GO

Restore the sp_dropextendedproc statement:

Create procedure dbo.sp_dropextendedproc

@ functname nvarchar 517-name of function

As

-- If we're in a transaction, disallow the dropping of the

-- extended stored procedure.

Set implicit_transactions off

If @ @ trancount > 0

Begin

Raiserror (15002 people talk 1 minutes talk 1 minutes sys.spacedropextendedproc`)

Return (1)

End

-- Drop the extended procedure mapping.

Dbcc dropextendedproc (@ functname)

Return (0)-sp_dropextendedproc

Restore sp_OACreate statement

Exec sp_addextendedproc sp_OACreate,'odsole70.dll'

Replace characters in a record

REPLACE (original-string, search-string, replace-string)

One drawback of this function is that it does not support the replacement of fields of type text,ntext, which can be achieved by the following statement:

Update tableName set recordName=replace (cast (recordName as varchar (8000)), 'abc','ddd')

Export execl tabl

Exec xp_cmdshell 'bcp "select * or column name 1, column name 2 from library name. Owner. table name" queryout "c:\ file name .xls"-c-Q-S "hostname"-U "user name-P" password "

When installing sql server sp4, a previous program installation created a pending file operation. The computer must be restarted before running the program

When installing Sql or sp patches, the system prompts you to suspend the installation operation and requires a reboot. It is often useless to restart here. Solution: delete PendingFileRenameOperations from HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Session Manager.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.