Break the script limit. For example, a text box on a Web page allows you to enter a user name, but it restricts you to 4 characters. Many programs are limited on the client side and then use MsgBox to eject the error message. If you need to break through this limit when attacking, just do a local home page, only to remove the restrictions, usually by removing VBScript or iavascript restrictions, you can successfully break through. If JavaScript does it, simply temporarily turn off the browser's script support. If so, you can use JavaScript to transfer it to other sites or do something. If you just change the port number to see the user's permissions in the program, if it is to manage users, you can use ' EXEC master.dbo.xp_cmshell ' net User/add AAA to create an operating system user, and then use ' EXEC Master.dbo.xp_cmdshell ' Net Localgroup/add Administrators AAA to upgrade it to Superuser. If this server's NetBIOS binding TCP/IP, and C $, d$ and other management shares exist, hehe, congratulations, you under the DOS command with net use Z: \ip address$ "BBB" supplied: "AAA" You can map the entire C disk of the other to your local network driver Z:. How to leave the back door in the database. To create a user's sp_addlogin, the sp_addsrvrolemember of a permission assignment is to use a statement to determine whether a user has permission to execute, which means that the user can execute it, and then determine whether the user has the right to execute. When you hack into a database, you can use its Enterprise Manager to connect to modify these stored procedures, because these stored procedures are not encrypted. You can add a condition at the point where the condition is met and it is not executed directly, regardless of what permissions the user calls it. However, when you change the note, it is the type of user, you want to change back to the sysobjects table to the name of the sp_addlogin of a delete, and then the same version of MS SQL Server has not changed the same record copy into the. Of course, do not forget that these defaults can not be manually modified, you have to modify the SQL Server to change the parameters, change the end do not forget to change back AH: At this point, as long as the site's program has problems, regardless of the user rights in the program, you can create SQL Server management users at any time. Database Scan Tool. ISS DATABASE Scanner Download: http://www.is-one.net/product/product.php?pid=11 Editor Zhao Zhaoyi#51cto.com TEL: (010) 68476636-8001 to force (0 votes) is tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title party (0 Votes) passing (0 votes) to the original text: Talking about the attack on the database (continued) Back to the network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.