SQL Server SA permission summary classic Technology
Required Tools: SQL Query Analyzer and SqlExec Sunx Version
Part 1:
Summary on how to remove xp_cmdshell to protect the system:
First, the relevant statements:
1. To remove the xp_cmdshell extended stored procedure, use the following statement:
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[xp_cmdshell]') and OBJECTPROPERTY(id, N'IsExtendedProc') = 1) exec sp_dropextendedproc N'[dbo].[xp_cmdshell]'
2. To add the xp_cmdshell extended stored procedure, use the following statement:
sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'
Now let's look at the symptom:
After obtaining SA permission, we use SqlExec remotely to execute a cmd command and the prompt SQL_ERROR is displayed, so xp_cmdshell may have been removed.
Now let's look at the two methods for restoring xp_cmdshell after it has been removed:
Method 1: Connect to the other party with SQL Query Analyzer and enter the statement directly, which is quite convenient:
sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'
Method 2: Use SqlExec Sunx Version. First fill in %s in the Format option of SqlExec Sunx Version, then enter the following in the CMD option:
sp_addextendedproc 'xp_cmdshell', 'xpsql70.dll'
or use:
sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'
In addition, to remove xp_cmdshell with SqlExec Sunx Version, select the same options as when adding it, then enter:
sp_dropextendedproc 'xp_cmdshell'
Part 2:
If the other party has deleted or renamed xplog70.dll, we use the following method to continue our hack task.
The following message indicates that xplog70.dll has been deleted or renamed:
Enter sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll' in Query Analyzer, and the system reports that an object named 'xp_cmdshell' already exists in the database.
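Because an SA login can re-register xp_cmdshell with the statements above, a defender can watch statement-level logs for these registration changes. The following is an added example, not code from the original page: it flags sp_addextendedproc and sp_dropextendedproc calls that target xp_cmdshell. The pipe-delimited trace format, the logins, the host names and the function names classify and scan are assumptions made for illustration.

```python
import re

TARGET_PROC = "xp_cmdshell"  # the extended procedure this page is about

# One sp_addextendedproc / sp_dropextendedproc call and its arguments (up to ';').
CALL_RE = re.compile(r"\b(sp_addextendedproc|sp_dropextendedproc)\b([^;]*)", re.I)

def _unquote(token):
    """Reduce N'[dbo].[xp_cmdshell]' or @dllname = 'xplog70.dll' to a bare name."""
    token = re.sub(r"^@\w+\s*=\s*", "", token.strip())  # drop "@param ="
    token = re.sub(r"^[nN](?=')", "", token)            # drop the N'' prefix
    return token.strip("'\" ").replace("[", "").replace("]", "").lower()

def classify(statement):
    """Return (action, dll) if the statement (un)registers xp_cmdshell, else None."""
    m = CALL_RE.search(statement)
    if not m:
        return None
    args = [_unquote(a) for a in m.group(2).split(",")]
    if args[0].split(".")[-1] != TARGET_PROC:            # ignore other procedures
        return None
    if m.group(1).lower() == "sp_dropextendedproc":
        return ("drop", None)
    return ("add", args[1] if len(args) > 1 else None)

def scan(rows):
    """Collect every xp_cmdshell registration change with who issued it and from where."""
    findings = []
    for row in rows:
        when, login, host, statement = row.split("|", 3)
        hit = classify(statement)
        if hit:
            findings.append({"time": when, "login": login, "host": host,
                             "action": hit[0], "dll": hit[1]})
    return findings

# Constructed trace rows (time|login|client host|statement); not real log data.
SAMPLE_TRACE = [
    "2024-05-01T10:02:11|app_user|APP01|select name from sysobjects where xtype = 'U'",
    "2024-05-01T10:04:37|sa|WKS-77|exec sp_dropextendedproc N'[dbo].[xp_cmdshell]'",
    "2024-05-01T10:05:02|sa|WKS-77|sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'",
    "2024-05-01T10:09:45|sa|WKS-77|EXEC sp_addextendedproc 'xp_cmdshell', 'xpsql70.dll';",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_TRACE):
        print(f["time"], f["login"], f["host"], f["action"], f["dll"])
```

The matcher looks at the first registration call in each row, so a batch that chains several calls should be split into statements before scanning.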