Thanks Ichunqiu company.I have a chance to learn some lessons for free in five days till 10.1 this year.Here is the address.https://www.ichunqiu.com. But  you may have no access to all ithe videos.There are many video on the Internet,but here in Ichunqiu It is arranged very well!

This article is tested by a mysql database.The oher database may use the same way.

Step 1:Get the sql database address

You have to ways to get these.One is finding some website those have some xss and other deangerous bug.And  you need send your trojan on it.And then you can get the config files or the database files on it.The config files may be conn,sql,inc,common,data etc catalog.If you get them you can get the link address easily.In case of this situation,you may need design you website safely ,connect the data without root or sa , write you own config with encryption,update the database in time and install the Waf on your server PC.You can design the website,encrypt the config files may be little problem.The other way to get the address may scan add the ip address using weak password ,such as root 123456,root root,etc.Incase of this situation,set a strong password with lower abc ,upper ABC,numbers 123,and some other symbol like !@#$%^ is necessary.Especially in you server PC.Because the one who get this,can get the account of you server PC easily.I will tell you in the step2 in the article.

Step2:Creat your account

If you have get the address to a mysql database ,you can promote your authority and creat a windows account through the UDF tool ,the MOD bug or other mothods.And in this way, you can open port that you can use the mstsc.exe.And then you have it.

   The reference lesson link is this https://www.ichunqiu.com/qad/course/52775.

       All rights reserved.Reprinted with reference to the source.

 
 

Osmotic Study ----Mysql Safe的更多相关文章

  1. study mysql

    SELECT CONCAT(`_`.`drop_default`,`_`.`alter_default`,`_`.`update_default`) AS `sql` FROM ( -- 设置默认值 ...

  2. 【技术贴】解决Mysql启动服务报错1067 进程意外终止

    无法启动MYSQL服务错误1067 进程意外终止. 我使用2013-10-25_appserv-win32-2.6.0.exe安装的MySql,结果服务起不来. 于是细心机智的我发现,在F:\stud ...

  3. 開始:触摸MySQL

    学习MySQL.少不了安装一个MySQL数据库,安装想必非常easy,事实上也是.我下载了一个MySQL5.7.百度了一下安装步骤,就成功安装了.相对于Oracle来说要简单不少. 买了两本书,看了& ...

  4. mysql: reinit the password

    You can reinit the password : 1.stop mysql /etc/init.d/mysql stop 2.start mysql safe : mysqld_safe - ...

  5. MySQL字段类型 约束

    目录 MySQL存储引擎 非空约束 字段类型 整形类型INT TINYINT 浮点类型float 字符类型char varchar 日期类型 枚举集合 约束条件 主键 自增 unsigned无符号 z ...

  6. Macos 编译运行调试Mysql源代码

    准备编译工具Clion 下载地址 工具是macos用的系统 百度云盘下载地址(密码: 7dus) 下载mysql源码 Mysql源码下载地址 下载boost boost下载地址 前期准备工作 MySQ ...

  7. MySQL 利用frm文件和ibd文件恢复表结构和表数据

    文章目录 frm文件和ibd文件简介 frm文件恢复表结构 ibd文件恢复表数据 通过脚本利用ibd文件恢复数据 通过shell脚本导出mysql所有库的所有表的表结构 frm文件和ibd文件简介 在 ...

  8. sql 代码笔记

    1. if() 函数 推荐一个学习MySQL的网站  Study MySql

  9. Mysql-cluster7.5

    Data nodes: shell> rpm -Uhv mysql-cluster-community-data-node-7.5.5-1.1.el7.x86_64.rpm SQL nodes: ...

随机推荐

  1. awk---Linux下文本处理五大神器之二

    转自:http://www.cnblogs.com/dong008259/archive/2011/12/06/2277287.html awk是一个非常棒的数字处理工具.相比于sed常常作用于一整行 ...

  2. ecshop彻底去版权把信息修改成自己的全教程

    前台部分: 一.去掉头部title部分的ECSHOP演示站-Powered by ecshop 1.问题:“ECSHOP演示站”方法:在后台商店设置 – 商店标题修改2.问题:“ Powered by ...

  3. 【转】Cron表达式简介

    Cron表达式是一个字符串,字符串以5或6个空格隔开,分为6或7个域,每一个域代表一个含义,Cron有如下两种语法格式: Seconds Minutes Hours DayofMonth Month ...

  4. linux内核图形配置疑难解决

    配置linux内核是遇到的问题:(1)问题一make gconfig * * Unable to find the GTK+ installation. Please make sure that * ...

  5. BZOJ1370:[Baltic2003]团伙

    浅谈并查集:https://www.cnblogs.com/AKMer/p/10360090.html 题目传送门:https://lydsy.com/JudgeOnline/problem.php? ...

  6. 如何在IJ中使用Jaxb2通过xml定义生成对应的Java Entity类的文件

    #0. 准备要转换的xml文件,在Project视界中,右击这个xml文件,在弹出的菜单上选择“Generate XSD schema from XML File...”, 按默认设置生成xsd文件. ...

  7. CentOS7网卡设置为桥接模式静态IP配置方法详解

    备份网络文件 [root@localhost network-scripts]# cd /etc/sysconfig/network-scripts/ [root@localhost network- ...

  8. UEditor富文本编辑器的使用 http://fex.baidu.com/ueditor/

    [转] http://fex.baidu.com/ueditor/ UEditor 介绍 UEditor 是由百度「FEX前端研发团队」开发的所见即所得富文本web编辑器,具有轻量,可定制,注重用户体 ...

  9. Dubbo实现RPC调用使用入门

    使用Dubbo进行远程调用实现服务交互,它支持多种协议,如Hessian.HTTP.RMI.Memcached.Redis.Thrift等等.由于Dubbo将这些协议的实现进行了封装了,无论是服务端( ...

  10. Java-API-Package:org.springframework.stereotype

    ylbtech-Java-API-Package:org.springframework.stereotype 1.返回顶部 1. @NonNullApi @NonNullFields Package ...