RECONFIGURE
EXEC sp_configure 'xp_cmdshell',1
declare @cmdstring varchar(1000)
set @cmdstring = 'copy D:\\Mine\\Mine\\Icons\\1355312509_gadu.ico D:\\Mine\\Mine\\1355312509_gadu.ico'
exec master..xp_cmdshell @cmdstring
RECONFIGURE
EXEC sp_configure 'xp_cmdshell',0
我正在尝试在远程服务器上执行此操作,我以sysadmin身份登录,虽然我无法执行,这是我得到的错误,我已经通过较早的帖子但是找不到合适的解决方案
output
The device is not ready.
NULL
任何帮助都是apreciated
这段代码不会
RECONFIGURE
EXEC sp_configure 'xp_cmdshell',0
代码末尾消除了那些安全威胁?
这就是我所做的,没关系
CREATE TABLE #temp
(
id INT IDENTITY(1, 1),
name_file VARCHAR(500),
depth_tree VARCHAR(10),
is_folder_files VARCHAR(10)
)
/* xp_dirtree selects file from specific location
* depth_tree : depth of the search i.e. subfolders
* is_folder_files : selects folders only or files too
*/
INSERT INTO #temp(name_file, depth_tree, is_folder_files) EXEC xp_dirtree @source_path, 0, 1
-- Must concatenate to have permission for xp_cmdshell
SET @concatenate_string = 'RECONFIGURE EXEC sp_configure ''xp_cmdshell'',1 EXEC MASTER..xp_cmdshell '
-- Generating copy string in bulk
SELECT @cmd_string =
ISNULL(@cmd_string, '') +
CASE WHEN (LEN(REPLACE(t.name_file, @seperate_value, 1)) <> LEN(t.name_file)) -- if @seperate_value is not in image
THEN
(
SELECT CASE
WHEN REPLACE(t.name_file, 'Approach', 1) <> t.name_file OR REPLACE(t.name_file, 'CloseUp', 1) <> t.name_file -- if word Approach or CloseUp is not there in image
THEN
(
SELECT CASE
WHEN ((SELECT f.FaceID FROM Face f WHERE CAST(f.Notes AS VARCHAR) = SUBSTRING(t.name_file, 0, CHARINDEX(@seperate_value, t.name_file)-1)) IS NOT NULL) -- when extracted ID from image <> NotesID
THEN
(
@concatenate_string + '''copy ' + @source_path + t.name_file + ' '
+ @destination_path
+ (SELECT f.FaceID FROM Face f WHERE CAST(f.Notes AS VARCHAR) = SUBSTRING(t.name_file, 0, CHARINDEX(@seperate_value, t.name_file)-1)) -- Compares and gives the faceID
+ (SELECT CASE
WHEN REPLACE(t.name_file, 'Approach', 1) <> t.name_file THEN '-AS.jpg'' '
WHEN REPLACE(t.name_file, 'CloseUp', 1) <> t.name_file THEN '-BS.jpg'' '
ELSE
'Undefined'
END
)
)
ELSE
' '
END
)
ELSE
' '
END
)
ELSE
' '
END
FROM #temp t
SELECT @cmd_string + 'RECONFIGURE EXEC sp_configure ''xp_cmdshell'',0'
EXEC (@cmd_string)
答案 0 :(得分:2)
我也有一段时间。我从服务器a运行脚本,其中的东西在服务器b上。我检查过,唯一的事情(除了凭证,看起来不是问题)是文件结构在远程服务器上不存在..
答案 1 :(得分:1)
这很可能是运行SQL Server服务的凭据的问题。该帐户可能无法充分访问您尝试从中复制的文件夹。
一种解决方案可能是尝试从SQL Server代理运行任务,另请参阅this discussion on the MSDN forums。
答案 2 :(得分:0)
除了使用T-SQL在SQL Server之外执行其他操作(这有其固有的风险)之外,您还需要首先为正确的帐户提供正确的权限,甚至可以运行xp_cmdshell
。
您将需要一个本地AD帐户,因为本地“ nt service \ mssqlserver”帐户可能在其他远程服务器中不存在,因此为什么永远无法访问它。
但是,在获得Shell步骤本身之前,请执行以下操作:
USE MASTER;
-- this turns on advanced options and is needed to configure xp_cmdshell
EXEC sp_configure 'show advanced options', '1'
RECONFIGURE
-- this enables xp_cmdshell
EXEC sp_configure 'xp_cmdshell', '1'
RECONFIGURE
IF NOT EXISTS
(SELECT loginname
FROM master.dbo.syslogins
WHERE name = 'yourdomain\anADaccount')
BEGIN
CREATE LOGIN [yourdomain\anADaccount] FROM WINDOWS;
EXEC sp_xp_cmdshell_proxy_account 'yourdomain\anADaccount', 'accountpassword'
END
--Create the database role and assign rights to the role
--select DATABASE_PRINCIPAL_ID('CmdShell_Executor')
IF DATABASE_PRINCIPAL_ID('CmdShell_Executor') IS NULL
BEGIN
CREATE ROLE [CmdShell_Executor] AUTHORIZATION [dbo]
GRANT EXEC ON xp_cmdshell TO [CmdShell_Executor]
END
IF NOT EXISTS
(SELECT [name]
FROM [sys].[database_principals]
WHERE [name] = 'yourdomain\anADaccount')
BEGIN
--Then once done create users and assign to CmdShell_Executor
CREATE USER [yourdomain\anADaccount] FROM LOGIN [yourdomain\anADaccount];
EXEC sp_addrolemember[CmdShell_Executor], [yourdomain\anADaccount];
END
现在,请确保您的AD帐户也具有远程服务器的权限。我强烈建议您在每台<<local>>
计算机上而不是在常规域的AD下创建这些AD帐户。然后,您可以控制该帐户,使其仅具有对远程服务器上特定文件夹或位置的读取权限。
现在您已经准备好从SQL Server运行CMD Shell,而没有任何安全漏洞的风险,外国人可能会访问您的数据库并运行Shell命令!
EXEC master..xp_cmdshell 'whoami.exe' --find out what account you're actually using
在过程结束时,请确保删除所有这些权限!
EXEC sp_xp_cmdshell_proxy_account NULL
drop user [yourdomain\anADaccount]
drop role [CmdShell_Executor]
drop login [yourdomain\anADaccount]