/* Written by Jaron (Jia Jun), 2003-11-04 */
/* Original source: B/S Web Technology / h.com http://www.jaron.cn */
/* Welcome to my website: http://www.jaron.cn http://blog.jaron.cn */
/* If you have questions about this article, please leave a message on the website */
/* Please indicate the source and keep this copyright information */
/* You are welcome to use the SiteManager website management system: http://siteManager.cnzone.net http://demo.jaron.cn */
In yet another case, the public security authorities cracked an intrusion involving a network company's program. On analysis, the main problem was still a URL vulnerability.

To test whether a program has a URL vulnerability, the easiest way is to append a ' to the parameter value: for example, change show.asp?id=1 to show.asp?id=1'. Uncheck "Show friendly HTTP error messages" in the IE Advanced options, then see whether the page reports an error such as "Unclosed quotation mark before the character string ''".

If the database is SQL Server, try the following statement in Query Analyzer:

    exec master.dbo.xp_cmdshell 'dir c:\'

An attacker can use exec master.dbo.xp_cmdshell to do anything. With this statement it is easy to create a user in your system:

    exec master.dbo.xp_cmdshell 'net user cc cc /add';
    exec master.dbo.xp_cmdshell 'net localgroup administrators cc /add'

After that, what happens next is anyone's guess.

Note: Illegally intruding into another person's computer system may be punished with fixed-term imprisonment of less than three years.
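The quote test described above, shown against a vulnerable page and a hardened one. This is an added example, not code from the original article. It assumes Python with SQLite standing in for SQL Server; the handlers show_vulnerable and show_hardened are hypothetical stand-ins for show.asp, and the table and rows are constructed.

```python
import sqlite3
from urllib.parse import parse_qs

def make_db():
    # Constructed sample data; SQLite stands in for the SQL Server back end.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?)",
                     [(1, "First post"), (2, "Second post")])
    return conn

def show_vulnerable(conn, query_string):
    """Hypothetical show.asp that pastes id straight into the SQL text."""
    article_id = parse_qs(query_string).get("id", [""])[0]
    sql = "SELECT title FROM articles WHERE id = " + article_id
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # The raw database error reaches the browser: this is what the ' test reveals.
        return 500, "database error: %s" % exc
    return (200, row[0]) if row else (404, "not found")

def show_hardened(conn, query_string):
    """Same page with integer validation, a bound parameter and a generic error."""
    article_id = parse_qs(query_string).get("id", [""])[0]
    # Accept only a short run of ASCII digits, so id=1' never reaches the database.
    if not (article_id.isascii() and article_id.isdigit() and len(article_id) <= 9):
        return 400, "bad request"
    try:
        # The value is bound as data and can never change the statement's structure.
        row = conn.execute("SELECT title FROM articles WHERE id = ?",
                           (int(article_id),)).fetchone()
    except sqlite3.Error:
        return 500, "internal error"  # details belong in the server log, not the response
    return (200, row[0]) if row else (404, "not found")

if __name__ == "__main__":
    db = make_db()
    for qs in ("id=1", "id=1'"):
        print(qs, show_vulnerable(db, qs), show_hardened(db, qs))
```

On SQL Server the same principle applies, and disabling xp_cmdshell and running the web application's database login without sysadmin rights limits what an injected statement can reach.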