Thanks Ichunqiu company.I have a chance to learn some lessons for free in five days till 10.1 this year.Here is the address.https://www.ichunqiu.com. But  you may have no access to all ithe videos.There are many video on the Internet,but here in Ichunqiu It is arranged very well!

This article is tested by a mysql database.The oher database may use the same way.

Step 1:Get the sql database address

You have to ways to get these.One is finding some website those have some xss and other deangerous bug.And  you need send your trojan on it.And then you can get the config files or the database files on it.The config files may be conn,sql,inc,common,data etc catalog.If you get them you can get the link address easily.In case of this situation,you may need design you website safely ,connect the data without root or sa , write you own config with encryption,update the database in time and install the Waf on your server PC.You can design the website,encrypt the config files may be little problem.The other way to get the address may scan add the ip address using weak password ,such as root 123456,root root,etc.Incase of this situation,set a strong password with lower abc ,upper ABC,numbers 123,and some other symbol like !@#$%^ is necessary.Especially in you server PC.Because the one who get this,can get the account of you server PC easily.I will tell you in the step2 in the article.

Step2:Creat your account

If you have get the address to a mysql database ,you can promote your authority and creat a windows account through the UDF tool ,the MOD bug or other mothods.And in this way, you can open port that you can use the mstsc.exe.And then you have it.

   The reference lesson link is this https://www.ichunqiu.com/qad/course/52775.

       All rights reserved.Reprinted with reference to the source.

 
 

Osmotic Study ----Mysql Safe的更多相关文章

  1. study mysql

    SELECT CONCAT(`_`.`drop_default`,`_`.`alter_default`,`_`.`update_default`) AS `sql` FROM ( -- 设置默认值 ...

  2. 【技术贴】解决Mysql启动服务报错1067 进程意外终止

    无法启动MYSQL服务错误1067 进程意外终止. 我使用2013-10-25_appserv-win32-2.6.0.exe安装的MySql,结果服务起不来. 于是细心机智的我发现,在F:\stud ...

  3. 開始:触摸MySQL

    学习MySQL.少不了安装一个MySQL数据库,安装想必非常easy,事实上也是.我下载了一个MySQL5.7.百度了一下安装步骤,就成功安装了.相对于Oracle来说要简单不少. 买了两本书,看了& ...

  4. mysql: reinit the password

    You can reinit the password : 1.stop mysql /etc/init.d/mysql stop 2.start mysql safe : mysqld_safe - ...

  5. MySQL字段类型 约束

    目录 MySQL存储引擎 非空约束 字段类型 整形类型INT TINYINT 浮点类型float 字符类型char varchar 日期类型 枚举集合 约束条件 主键 自增 unsigned无符号 z ...

  6. Macos 编译运行调试Mysql源代码

    准备编译工具Clion 下载地址 工具是macos用的系统 百度云盘下载地址(密码: 7dus) 下载mysql源码 Mysql源码下载地址 下载boost boost下载地址 前期准备工作 MySQ ...

  7. MySQL 利用frm文件和ibd文件恢复表结构和表数据

    文章目录 frm文件和ibd文件简介 frm文件恢复表结构 ibd文件恢复表数据 通过脚本利用ibd文件恢复数据 通过shell脚本导出mysql所有库的所有表的表结构 frm文件和ibd文件简介 在 ...

  8. sql 代码笔记

    1. if() 函数 推荐一个学习MySQL的网站  Study MySql

  9. Mysql-cluster7.5

    Data nodes: shell> rpm -Uhv mysql-cluster-community-data-node-7.5.5-1.1.el7.x86_64.rpm SQL nodes: ...

随机推荐

  1. Java操作Redis(代码演示)

    redis-demo演示 一.创建一个maven工程 1.在pom.xml中引入相关redis的相关依赖 <project xmlns="http://maven.apache.org ...

  2. 转载:【菜鸟玩Linux开发】通过MySQL自动同步刷新Redis

    转载: http://www.cnblogs.com/zhxilin/archive/2016/09/30/5923671.html

  3. 微信小程序 报错Setting data field "variableName" to undefined is invalid.

    Setting data field "variableName" to undefined is invalid. 将数据字段“variableName”设置为未定义是无效的. ...

  4. BZOJ3489:A simple rmq problem

    浅谈\(K-D\) \(Tree\):https://www.cnblogs.com/AKMer/p/10387266.html 题目传送门:https://lydsy.com/JudgeOnline ...

  5. java中io的详解

    注:本文全篇转载于:http://blog.csdn.net/taxueyingmei/article/details/7697042,觉得讲的挺详细,就借过来看看,挺不错的文章. 先贴一张图 Jav ...

  6. Java中throw和throws的区别【转】

    系统自动抛出的异常所有系统定义的编译和运行异常都可以由系统自动抛出,称为标准异常,并且 Java 强烈地要求应用程序进行完整的异常处理,给用户友好的提示,或者修正后使程序继续执行. 语句抛出的异常 用 ...

  7. JSF页面中的JS取得受管bean的数据(受管bean发送数据到页面)

    JSF中引入jsf.js文件之后,可以拦截jsf.ajax.request请求.一直希望有一种方法可以像jquery的ajax一样,能在js中异步取得服务器端发送的数据.无奈标准JSF并没有提供这样的 ...

  8. DCloud-HBulder:杂项

    ylbtech-DCloud-HBulder:杂项 1.返回顶部   2.返回顶部   3.返回顶部   4.返回顶部   5.返回顶部     6.返回顶部   7.返回顶部   8.返回顶部   ...

  9. jenkins学习 01 jenkins介绍

    jenkins 是一个可扩展的持续集成引擎. 使用Jenkins目的: 持续.自动地构建/测试软件项目. 监控一些定时执行的任务. jenkins拥有的特性: 易于安装,只要jenkins.war部署 ...

  10. Drools学习笔记3—Conditions / LHS—字段约束连接&字段约束操作符

    字段约束连接 用于字段约束 对象内部多个约束连接,采用“&&”(and).“||”(or)和“,”(and) 执行顺序:“&&”(and).“||”(or)和“,” 字 ...