参考见本文: html ">http://HdhCmsTest2cto测试数据/Article/200806/27544.html
针对MYSQL udf.dll提权的安全防御
删除udf.dll和langouster_udf.dll,新建udf.dll和langouster_udf.dll设为只读,权限上限制 可防止所有langouster_udf.dll专用网马
批处理程序代码
net stop mysql del %SystemRoot%system32udf.dll /A/F/Q del %SystemRoot%udf.dll /A/F/Q del %SystemRoot% empudf.dll /A/F/Q dir %SystemRoot%system32com > %SystemRoot%system32udf.dll dir %SystemRoot%system32com > %SystemRoot%udf.dll dir %SystemRoot%system32com > %SystemRoot% empudf.dll attrib +R +S +H %SystemRoot%system32udf.dll attrib +R +S +H %SystemRoot%udf.dll attrib +R +S +H %SystemRoot% empudf.dll cscript.exe xcacls.vbs "%SystemRoot%system32udf.dll" /D Everyone:M /E cscript.exe xcacls.vbs "%SystemRoot%udf.dll" /D Everyone:M /E cscript.exe xcacls.vbs "%SystemRoot% empudf.dll" /D Everyone:M /E del %SystemRoot%system32langouster_udf.dll /A/F/Q del %SystemRoot%langouster_udf.dll /A/F/Q del %SystemRoot% emplangouster_udf.dll /A/F/Q dir %SystemRoot%system32com > %SystemRoot%system32langouster_udf.dll dir %SystemRoot%system32com > %SystemRoot%langouster_udf.dll dir %SystemRoot%system32com > %SystemRoot% emplangouster_udf.dll attrib +R +S +H %SystemRoot%system32langouster_udf.dll attrib +R +S +H %SystemRoot%langouster_udf.dll attrib +R +S +H %SystemRoot% emplangouster_udf.dll cscript.exe xcacls.vbs "%SystemRoot%system32langouster_udf.dll" /D Everyone:M /E cscript.exe xcacls.vbs "%SystemRoot%langouster_udf.dll" /D Everyone:M /E cscript.exe xcacls.vbs "%SystemRoot% emplangouster_udf.dll" /D Everyone:M /E net start mysql
查看更多关于针对MYSQL udf.dll提权的安全防御 - 网站安全 - 自学的详细内容...