Qiangzhi educational administration system kills Getshell (Elevation of Privilege server Intranet penetration)
File: unzip GL \ jcxx \ savetofile. asp
Use exp:
Directly use exp.html to upload any file. The server has almost the sa permission, and the elevation of permission is complete.
Configuration file:
Conn \ connstring. asp
Server Self-carried Serv-U Exec> Elevation of Privilege.
As you can see
DCS--distribution control system decentralized controls, plant control level systems, conventional data acquisition, device controlThis system is completed.Sis--safty Instruments System Security instrumentation systems, interlock system, generally do the plant process equipment safety protection control, sometimes also
The Win7 system cannot choose to log in to the administration account when logging in, because the account is closed by default, so how can we choose to log in with the administration account when we log in, so that we have all the privileges.
1
Click Start, enter Lusrmgr.msc in the search box, enter the local user and group
2
Find the
also useful when creating a RAM disk.Module classLsmodDegree of importance: MediumLists all installed kernel modules.InsmodDegree of importance: MediumForce the installation of a kernel module (instead of using modprobe if possible) must be called as root.RmmodDegree of importance: MediumForces the uninstallation of a kernel module. Must be called as root.ModprobeDegree of importance: MediumThe module loader, in general, is automatically called in the startup script. Must be called as root.Depm
Linux File System administration commandsCommon Commands1. DF command to view the usage of the partitionCommon options-H More Humane-m displays partition usage in megabytesDisplay information:Mounted on: Mount pointFilesystem: The specific hardware name that corresponds to2, du command to view the file/directory size, by default in K unitsCommon options:-H "Humanity"Du-h/home/xiaofang-S "Statistic statistic
Some basic commands for system administration commandsAPMD Advanced Power Management (APMD command is responsible for BIOS Advanced Power Management (APM) related records, warnings, and administrative work)APMD "Options" "percent change" "percent value"-P "percent change" when the magnitude of the power change exceeds the set percentage change, the event is logged-U sets the BIOS clock to UTC-V Logs all APM
example: useradd-d/home/bird bird2 ---bird2 is the account name,/home/Bird is the main directory of Bird2 -the general user of the system's main directory is generally built in/home/this pathpasswd Set User password -- in Linux, Superuser can use the passwd command to set or modify the user's password for a normal user. Users can also use the command directly to modify their own passwords without having to use the user name after the command. --passwd [parameter] user nameuserdel Delete Use
systems on nodes and disk blocks.
Options
meaning
-A
Show disk usage for all file systems
-M
Display in 1024-byte units
-T
Displays disk space usage for each specified file system
-T
Display file system
Detecting the disk space occupied by the catalog: DuThe du command is used to count th
: Modify which NIC to follow which, only one can be omitted) x.x.x.x/y (M.M.M.M)//modify IP information; x:ip address, Y: Mask length, M: mask. such as =225.225.255.0Shutdown-h now or Poweroff or init 0//shutdown operation.Shutdown-r now or reboot or init 6//restart operation.Shutdown-r +15 ' The system would be rebboted!! '//Send a notification to each user who is currently logged on to the Linux host ' the syste
definitive guide to SUSE Linux Enterprise ServerRed Hat Linux Security and optimizationLinux Server HacksHardening LinuxHacking Linux ExposedBuilding Secure Servers with LinuxMaximum Linux Security Second EditionTop Network Security ToolsRed Hat Linux Security and optimizationO ' Reilly SELinuxvarious server reference books:Nginx HTTP ServerPractical Nginx: A high-performance Web server that replaces ApacheLighttpd(Packt Publishing published the most detailed reference book)Mastering PhpMyAdmin
them by the last update time. Run the following statement: SELECT * from sys.objects where type in (' U ', ' V ', ' P ') Order by modify_dateThis statement identifies all the user tables, views, and stored procedures in the database and sorts them by time, so that you can see others recently added and modified those database objects. Sys.objects does not contain triggers, and triggers are in sys.triggers. There are similar sys.tables,sys.views and so on. Information_schemaIf we want to quickly
1. Effective information technology knowledge
Includes basic courses for computer applications (software), including: data structure, operating system, software engineering, engineering economy, database principle, advanced language programming, object-oriented programming, computer network and communication, assembly, composition principle, computer system structure, as well as basic courses: high numbers,
Strictly speaking, website operation regulates its development through management. However, as a technician, first of all, you must keep your work under criticism. Good management relies on a sound technical architecture. When building your website, the auxiliary system plays an essential role. Have you noticed it?At present, mature management or project specifications, such as CMM, are aimed at software co
I would like to briefly discuss the essential qualities and skills of system analysts, which may not be complete due to the rush in writing.
1. Strong sense of responsibility and dedication
In fact, this is essential for every position. System analysts must ensure the accuracy of requirements, so the responsibility i
I have been thinking about what programmers like to install on their own computers. You may be constantly unloading and loading. Which one of the same series is best for you. And listen to the wooden comments. If you think some comments are inappropriate or need to be supplemented, you are welcome to provide valuable comments. O (∩ _ ∩) O thank you!
Reprinted please indicate the source: http://blog.csdn.net/liquanhai/article/details/7203155First, declare that your operating
.tree: External commandFunction: Display the contents of a directory using a tree-like structure listFormat: Tree [option] ... [Directory ...]Common options:-A: Shows those with "." or ".." The hidden file that starts with the default tree cannot be displayed when the-D: Show only directory names-L: Do not allow recursive querying of directory Symbolic links-F: Each file is to be displayed with an absolute path-X: Just stay on the current file system-
——————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————The question of reading "Computer System Essentials: Building a modern computer from scratch": What are the essential links between high-level and low-l
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.