A5 security Group MS SQL Lecture Transcript

Source: Internet
Author: User

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Hello everyone. I'm the A5 security team. In terms of the safety of MSSQL, I will not say more. This patch is sure to hit. Otherwise, the overflow tool such as Sqlhello overflow.

Here's the SA. SA and administrator are the same. So it's dangerous. If you use SA as your link account. It is conceivable that it is very dangerous. But if you use the SA. It also organizes intruders from all aspects.

Delete components such as Cmdshell. Xp_dirtree and their DLL Xplog70.dll and many other components. can go to the Internet to find DLL files in general, the four. Xp_web or something. OA's. Wait a minute.

After they are deleted, they can be organized to respond with statements. But if a hacker combines your webshell, you can say you're screwed. They can add them themselves. Reply to all your. There is a script on the website Lake2 Big Brother writes Lake2.dll This component and that OA's similar. Cannot be echo. But they can use >c:\a.txt to export the text, so it is not recommended to use SA here.

General website no matter what to me with db_owner and public on it. If only I could do it for public. Because PUBILC is missing several functions that are not backed up.

DB_Owner everyone knows you can back up to get the shell ' but public can't use it to get a shell. But he's still in danger. Public can still use xp_dirtree this component.

They can write the things that are executed into the building table. It is then viewed with a select. So that's very dangerous. That's right. One hacker encountered a Web data separation at the time of the invasion how to solve it. They can be invoked using a component remotely. The Select execution query is queried using remote SQL.

The permissions for public can be listed in the directory. It is conceivable that they can look over your website carefully. So it's dangerous. So ultimately it is thanks to xp_dirtree this component. Perhaps a lot of people do not know Xp_dirtree also have a brother that is Xp_subdirs and xp_dirtree is the same function is identical.

So the final solution to the problem is the DLL so here we should pay attention to. DB_Owner can put a script back into your startup project to reach the claim. So limit them to the startup entry.

Anything else. Depressed to death. I can't think of it at once. There is the hacker in the invasion can eliminate everything to solve the problem. Just stop them under the Webshell. Then they have no choice. I wanted to test their danger here, but because of my machine he got stuck. No tests.

There are a few other things that may not come to mind. Talk about it. All right. Here we go. Important points to note: SP4 patches. Filter your 1433 ports. The complex point of the password setting for the SA account. Do not use sa account as a link account. Deletes a component. Focus)

General to public permission to run. DB_Owner permissions have backup permissions. You can back up your startup items and get your permission. and to prevent cross libraries. This is available in an Access database. Access gets system permissions directly. If you have any questions you can always come to me, my QQ70065671 and our security team's homepage.

Server and website emergency help: http://safe.admin5.com

Server-related technical discussion and communication: http://bbs.admin5.com/forum-281-1.html

You can learn a lot about Web sites here. Welcome to all of you. Thank

Server and Web site Security Technology seminar Official group number: ①27805343②84814264③75927060④84815626⑤84815663⑥40702240

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.