Thanks Ichunqiu company.I have a chance to learn some lessons for free in five days till 10.1 this year.Here is the address.https://www.ichunqiu.com. But you may have no access to all ithe videos.There are many video on the Internet,but here in Ichunqiu It is arranged very well!
This article is tested by a mysql database.The oher database may use the same way.
Step 1:Get the sql database address
You have to ways to get these.One is finding some website those have some xss and other deangerous bug.And you need send your trojan on it.And then you can get the config files or the database files on it.The config files may be conn,sql,inc,common,data etc catalog.If you get them you can get the link address easily.In case of this situation,you may need design you website safely ,connect the data without root or sa , write you own config with encryption,update the database in time and install the Waf on your server PC.You can design the website,encrypt the config files may be little problem.The other way to get the address may scan add the ip address using weak password ,such as root 123456,root root,etc.Incase of this situation,set a strong password with lower abc ,upper ABC,numbers 123,and some other symbol like !@#$%^ is necessary.Especially in you server PC.Because the one who get this,can get the account of you server PC easily.I will tell you in the step2 in the article.
Step2:Creat your account
If you have get the address to a mysql database ,you can promote your authority and creat a windows account through the UDF tool ,the MOD bug or other mothods.And in this way, you can open port that you can use the mstsc.exe.And then you have it.
The reference lesson link is this https://www.ichunqiu.com/qad/course/52775.