Äîáðî ïîæàëîâàòü â ôîðóì, Guest >> Âîéòè | Ðåãèñòðàöèÿ | Ïîèñê | Ïðàâèëà | | Â èçáðàííîå | Ïîäïèñàòüñÿ | ||
Âñå ôîðóìû / Microsoft SQL Server |
![]() ![]() |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
Êëèåíò êîíåêòèòñÿ ê SQL-ñåðâåðó ÷åðåç ëîãèí:CREATE LOGIN [AppAdmin] WITH PASSWORD=N'a˜,7JR-Còï!ð†ØßPW" ¶t}q¨±q<q', DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=ON ñ ïîìîùüþ xp_cmdshell ïîñûëàåò ñîîáùåíèå: DECLARE @MSG VARCHAR(256) SET @MSG = 'net send SERG Ïîäïèøèòå äîêóìåíò ¹ 1' EXEC xp_cmdshell @MSG âñ¸ ðàáîòàëî íîðìàëüíî, äî òîãî âðåìåíè ïîêà íå ïîìèíÿëè ïàðîëü àäìèíèñòðàòîðà äîìåíà. Ñ÷àñ êîãäà êëèåíò, êîòîðûé çàêîíåêòèëñÿ ê SQL-ñåðâåðó îòïðàâëÿåò ñîîáùåíèå, ïîëó÷àåì îøèáêó: An error occurred during the execution of xp_cmdshell. A call to 'LogonUserW' failed with error code: '1326' åñëè âûïîëíÿòü èç Management Studio, êóäà ìû çàõîäèì ïîä sa, òî ñîîáùåíèÿ îòïðàâëÿþòñÿ íîðìàëüíî. Êîãäà ïîìåíÿëè ïàðîëü îáðàòíî, âñ¸ çàðàáîòàëî êàê ðàíüøå. Ïîìîãèòå ïîíÿòü ïðè÷èíó ýòîé çàêîíîìåðíîñòè. Áîëüøîå ñïàñèáî! |
4 èþí 15, 17:05 [17731579] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Glory Member Îòêóäà: Ñîîáùåíèé: 104760 |
Äëÿ ýòîãî âàì íàäî ïðîñòî óçíàòü, ïîä êàêîé ñåòåâîé ó÷åòíîé çàïèñüþ ó âàñ â îáåèõ ñëó÷àÿõ çàïóñêàåòñÿ xp_cmdshell |
||
4 èþí 15, 17:13 [17731647] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
À êàê, èçâèíèòå, óçíàòü ïîä êàêîé ñåòåâîé ó÷åòíîé çàïèñüþ çàïóñêàåòñÿ xp_cmdshell? |
||
5 èþí 15, 08:41 [17733615] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
Åñëè ÿ ïðàâèëüíî ñìîòðþ, òî ñëóæáà SQL Server çàïóñêàåòñÿ ïîä UEA\sadm, à ýòî è åñòü ó÷¸òêà êîòîðîé ïîìåíÿëè ïàðîëü. À êëèåíò ñîåäèíÿåòñÿ ñ SQL òàê:m.lcDSNLess = ; "Driver=SQL Server;" + ; "SERVER=NT3;" + ; "DBMSSOCN=TCP/IP;" + ; "UID=AppAdmin;" + ; "PWD=111;" + ; "DATABASE=master;" + ; "APP=" m.lnCon = SQLStringconnect(m.lcDSNLess) SQLSETPROP(m.lnCon,"DispWarnings",.T.) ïàðàìåòð TRUSTED_CONNECTION=YES ÿ íå èñïîëüçóþ, à óêàçûâàþ êîíêðåòíûé ëîãèí è ïàðîëü. Êëèåíò íà FoxPro. |
5 èþí 15, 09:16 [17733716] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Glory Member Îòêóäà: Ñîîáùåíèé: 104760 |
Êàê òîãäà ó âàñ âîîáùå ñëóæáà SQL Server çàïóñòèëàñü, åñëè ïàðîëü èçìåíèëñÿ ? |
||
5 èþí 15, 09:26 [17733765] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
Ñëóæáà SQL Server (MSSQLSERVER) çàïóñêàåòñÿ ïðè ñòàðòå ñåðâåðà, à ñåðâåð ïîñëå èçìåíåíèÿ ïàðîëÿ íå ïåðåãðóæàëñÿ. Òî ïîëó÷àåòñÿ, ÷òî åñëè ïîñëå èçìåíåíèÿ ïàðîëÿ ó÷¸òêè ïîä êîòîðîé çàïóñêàåòñÿ ñëóæáà SQL Server ïåðåãðóçèòü ñåðâåð, òî ñëóæáà íå çàïóñòèòñÿ? |
||
5 èþí 15, 09:36 [17733814] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Glory Member Îòêóäà: Ñîîáùåíèé: 104760 |
ðàçóìååòñÿ. Åñëè òîëüêî âû íå ïîìåíÿòå ïàðîëü è â ñâîéñòâàõ ñëóæáû |
||
5 èþí 15, 09:40 [17733839] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
ß ïðàâèëüíî ïîíÿë, ÷òî â ñëó÷àå íåîáõîäèìîñòè èçìåíåíèÿ ïàðîëÿ ó÷¸òêè ïîä êîòîðîé ðàáîòàåò ñëóæáà SQL Server íóæíî ïîìåíÿòü ïàðîëü è â ñâîéñòâàõ ñëóæáû è ïåðåãðóçèòü ñåðâåð? Èëè ó ìåíÿ ÷òî-òî â êîðíå íå ïðàâèëüíî? |
||
5 èþí 15, 09:47 [17733875] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Glory Member Îòêóäà: Ñîîáùåíèé: 104760 |
äà. Âàñ óäèâëÿåò, ÷òî ñòàðûé ïàðîëü çàïèñàí â ñâîéñòâõ ñëóæáû è èñïîëüçóåòñÿ ñëóæáîé ? |
||
5 èþí 15, 09:48 [17733884] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
Óæå íåò. Ýòî ïðàâèëüíî, ÷òî SQL ðàáîòåò ïîä "This account", â äàíîì ñëó÷àå ïîä UEA\sadm, à íå ïîä "Local System account"? |
||
5 èþí 15, 10:00 [17733952] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Glory Member Îòêóäà: Ñîîáùåíèé: 104760 |
Äëÿ îïðåäåëåíèÿ ïðàâèëüíîñòè ñíà÷àëà çàäàþò êðèòåðèè ïðàâèëüíîñòè |
||
5 èþí 15, 10:02 [17733967] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
shanton Member Îòêóäà: Óêðàèíà ã. Õìåëüíèöêèé Ñîîáùåíèé: 628 |
Ñïàñèáî çà îòâåòû! |
5 èþí 15, 10:10 [17734018] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
o-o
Guest |
exec xp_cmdshell 'whoami' |
||||
5 èþí 15, 10:14 [17734054] Îòâåòèòü | Öèòèðîâàòü Ñîîáùèòü ìîäåðàòîðó |
Âñå ôîðóìû / Microsoft SQL Server | ![]() |