Comments: This article mainly introduces the external star Virtual Machine + D shield privilege escalation process last night in the group dog a friend suddenly issued a scam Station selling envelopes. I copied my family before I had dinner.
Check him with my friends. See the graph. This guy may have cheated many people. Baidu QQ saw a lot of people fake him as a liar.
The main site finds the weak password in the background. A friend of mine said that he knew what template he was trying to get out of his name.
Okay! Forgive his social worker for having a QQ number and trying a weak FTP password. Have you ever been killed several times.
I did a good job in security. I went to the bird's nest when I swept more than 100 iis6.
My friend took a shell and took a shell. I won't say much about it here, mainly about privilege escalation.
I took a look at shell. I'm glad to support aspx PHP.
In half of the cases of virtual machines, asp has low permissions. Aspx is not supported and can be abandoned in many cases.
Next, let's scan the port to see what we need. We need to collect server information.
21, 1433, 3306, it seems that sa and root exist, but I gave up the bird when I thought of a virtual machine. Not support aspx.
It is king to change the aspx horse to execute commands.
As soon as you see this page, the heart is a little cool and cool. The command cannot be executed. The VM cannot execute commands.
It is no different from aspx. Then I went to the east to visit the West without thinking about it.
I suddenly thought about it in the group. I asked the PR experts in our group. But he despised his girlfriend.
Just recovered his feelings.
I suddenly remembered that one day a net user in a group shouted a few advertisements for permission escalation. Because I prefer to study Elevation of Privilege.
I am also bored with him. I can talk about other ideas.
. Net user is meaningless... Not ironic...
He just looked at it and saw that he could not execute the command. He gave up and looked at it in detail. It is estimated that others could also raise it.
No !! Daniel said no. Come on your own
Upload a directory scan for the "ah d" pot, and slowly raise the right for one day on the longest server.
The shell time is not included overnight !!
I have also done a good job in this site. The purpose of scanning the directory is to find a directory with no write permission.
More than an hour ago. The first thing I feel when I find this important information is who is selling servers.
Since 1433 and 3306 are enabled, I don't believe it. It's like this. He's an ACC database.
Next, the RP broke out and gave me a password. At that time, I didn't understand what the problem was.
Try it first. I can't find my D pot until now !! Do not connect.
Brother D's appearance scared me. When did I get out? I just found SA, and you ran it out to scare me.
Fortunately, the above sa cmd command is not intercepted.
I am not going to wear a column of IIS account and password VBS.
If you have a system permission, CMD, you also need to ask me how to add an account. I am also quite speechless.
This website is also completed independently. Unfortunately, no one can help you with this external force.
Let's take a look at the scammers. He's lying in FTP.
The goal is to get a black page .. Everyone is responsible for cracking down on scammers
Is the idea so lewd !! Which is necessary? What is my name? piaoker !!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
