查詢 SQL Server 的執行者
EXEC xp_cmdshell 'whoami /user'
變更 SQL Server的執行者 (若是 現行執行者 權限不足,該行執行會失敗)
EXEC xp_cmdshell 'sc.exe config "MSSQLSERVER" obj= "nt authority\system" password= "XXXXXX" type= own'
遠端執行 下傳檔案 & PowerShell (後期的電腦 C:\ 沒有寫入權限)
EXEC xp_cmdshell 'DEL /Q c:\111.ps1'
EXEC xp_cmdshell 'ECHO $WebClient = New-Object System.Net.WebClient >> c:\111.ps1'
EXEC xp_cmdshell 'ECHO $WebClient.DownloadFile("http://10.161.71.191:82/DLFILE/MonitorClinetInstall.exe","c:\MonitorClinetInstall.exe") >> c:\111.ps1'
EXEC xp_cmdshell 'PowerShell -NoProfile -ExecutionPolicy Bypass -Command "c:\111.Ps1"'
EXEC xp_cmdshell 'c:\MonitorClinetInstall'
沒有留言:
張貼留言