SQL Server SA permissions Summary Classic Technology

Source: Internet
Author: User

Prerequisites Need Tools: SQL Query Analyzer and SqlExec sunx Version

The first part:

Analysis and summary of the protection system for removing xp_cmdshell:

First know the statement:

1. The way to remove the xp_cmdshell extension process is to use the following statement:

if exists (SELECT * from dbo.sysobjects where id=object_id (N ' [dbo].[ Xpcmdshell] ') and

OBJECTPROPERTY (id,n ' Isextendedproc ') =1) exec sp_dropextendedproc N ' [dbo]. [xp_cmdshell] '

2. The way to add the xp_cmdshell extension process is to use the following statement:

Sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll '

Now look at the phenomenon:

We get the SA permission remote with sqlexec execution cmd command, appear prompt sql_error, then very likely is to remove the xp_cmdshell.

Now look at two ways to recover after being removed from the xp_cmdshell:

Method one, use SQL Query Analyzer to connect each other directly after writing, very convenient sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll '

Method Two, use SqlExec sunx version first in SqlExec sunx version of the format option to fill in%s, in the CMD option to enter Sp_addextendedproc ' xp_cmdshell ', ' Xpsql70.dll ' or Sql2000 use sp_addextendedproc ' xp_cmdshell ', ' xplog70.dll ' In addition to SqlExec Sunx version to remove xp_ The Cmdshell method is the same as the addition of the time selection conditions, and then input sp_dropextendedproc ' xp_cmdshell ' can be

Part II:

If the other party has deleted or renamed Xplog70.dll, we will continue our hack task in the following ways:

When the appearance of the following phenomenon implies that the representative is likely to be xplog70.dll deleted or renamed.

Writing sp_addextendedproc xp_cmdshell in Query Analyzer, @dllname = ' Xplog70.dll ' indicates an object named ' xp_cmdshell ' already exists in the database.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.