SQL Server SA permissions Summary Classic technology _mssql

Source: Internet
Author: User
Prerequisites Need Tools: SQL Query Analyzer and SqlExec sunx Version
   The first part:  
Analysis and summary of the protection system for removing xp_cmdshell:
First know the statement:
1. The way to remove the xp_cmdshell extension process is to use the following statement:
if exists (SELECT * from dbo.sysobjects where id=object_id (N ' [dbo].[ Xpcmdshell] and OBJECTPROPERTY (id,n ' Isextendedproc ') =1) exec sp_dropextendedproc N ' [dbo]. [xp_cmdshell] '
2. The way to add the xp_cmdshell extension process is to use the following statement:
Sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll '
Now look at the phenomenon:
We get the SA permission remote with sqlexec execution cmd command, appear prompt sql_error, then very likely is to remove the xp_cmdshell.
  
Now look at two ways to recover after being removed from the xp_cmdshell:
  
Method one, using SQL Query Analyzer to connect to each other directly after writing, very convenient sp_addextendedproc xp_cmdshell, @dllname = ' Xplog70.dll ' Method II, the use of SqlExec Sunx Version first fills in%s in the format option of SqlExec Sunx version and enters Sp_addextendedproc ' xp_cmdshell ' in the cmd option, ' Xpsql70.dll ' Or use the Sp_addextendedproc ' xp_cmdshell ', ' xplog70.dll ' in the case of Sql2000 and SqlExec Sunx version to remove the xp_cmdshell method and the choice of conditions And then type sp_dropextendedproc ' xp_cmdshell ' on it.
  
Part II:
  
If the other party has deleted or renamed Xplog70.dll, we will continue our hack task in the following ways:
When the appearance of the following phenomenon implies that the representative is likely to be xplog70.dll deleted or changed its name.
Writing sp_addextendedproc xp_cmdshell in Query Analyzer, @dllname = ' Xplog70.dll ' indicates an object named ' xp_cmdshell ' already exists in the database.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.