ÉèÖÃmysqlĬÈϱàÂë
°²×°ºó
/etc/init.d/mysql start (stop) ΪÆô¶¯ºÍÍ£Ö¹·þÎñÆ÷
/etc/mysql/ Ö÷ÒªÅäÖÃÎļþËùÔÚλÖà my.cnf
/var/lib/mysql/ ·ÅÖõÄÊÇÊý¾Ý¿â±íÎļþ¼Ð£¬ÕâÀïµÄmysqlÏ൱ÓÚwindowsÏÂmysqlµÄdateÎļþ¼Ð
Æô¶¯mysqlºó£¬ÒÔrootµÇ¼mysql
isher@isher-ubuntu:~$ mysql -u root
>show variables like 'character%'; #Ö´ÐбàÂëÏÔʾ
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | latin1 |
| character_set_connection | latin1 |
| character_set_database | latin1 |
| character_set_filesystem | binary |
| character_set_results | latin1 |
| character_set_server | latin1 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
ÔÚijЩʱºò£¬ÎÒÃÇÐøÒªÐÞ¸ÄmysqlĬÈÏÊý¾Ý¿âµÄ±àÂ룬ÒÔ±£Ö¤Ä³Ð©Ç¨ÒƵijÌÐò¿ÉÒÔÕý³£ÏÔʾ£¬±à¼my.cnfÎļþ½øÐбàÂëÐÞ¸Ä,windows¿ÉÒÔÖ±½ÓÓãÍysql Server Instance Config Wizard ½øÐÐÉèÖÃ
ÔÚlinuxÏÂÐÞ¸Ä3¸ömy.cnfµÄ1¸ö/etc/mysql/my.cnfÎļþ
ÕÒµ½¿Í»§¶ËÅäÖÃ[client] ÔÚÏÂÃæÌí¼Ó
default-character-set=utf8 ĬÈÏ×Ö·û¼¯Îªutf8
ÔÚÕÒµ½[mysqld] Ìí¼Ó
default-character-set=utf8 ĬÈÏ×Ö·û¼¯Îªutf8
init_connect='SET NAMES utf8' £¨É趨Á¬½ÓmysqlÊý¾Ý¿âʱʹÓÃutf8±àÂ룬ÒÔÈÃmysqlÊý¾Ý¿âΪutf8ÔËÐУ©
Ð޸ĺúó£¬ÖØÐÂÆô¶¯mysql ¼´¿É£¬²éѯһÏÂshow variables like 'character%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8 |
| character_set_connection | utf8 |
| character_set_database | utf8 |
| character_set_filesystem | binary |
| character_set_results | utf8 |
| character_set_server | utf8 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
´Ë·½·¨ÓÃÓÚ±ê×¼mysql°æ±¾Í¬ÑùÓÐЧ£¬¶ÔÓÚ/etc/my.cnfÎļþ£¬ÐèÒª´Ómysql/support-filesµÄÎļþ¼Ðcp my-large.cnfÒ»·Ýµ½/etc/my.cnf
ÎÄÕ³ö´¦£ºhttp://www.diyb
Ïà¹ØÎĵµ£º
by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1 ......
Èç¹ûÄãÊǸöÈü³µÊÖ²¢ÇÒ°´Ò»Ï°´Å¥¾ÍÄܹ»Á¢¼´¸ü»»ÒýÇæ¶ø²»ÐèÒª°Ñ³µ¿ªµ½³µ¿âÀïÈ¥»»£¬ÄÇ»áÊÇÔõô¸Ð¾õÄØ£¿MySQLÊý¾Ý¿âΪ¿ª·¢ÈËÔ±Ëù×öµÄ¾ÍºÃÏñÊÇ°´°´Å¥»»ÒýÇ棻ËüÈÃÄãÑ¡ÔñÊý¾Ý¿âÒýÇ棬²¢¸øÄãÒ»Ìõ¼òµ¥µÄ;¾¶À´Çл»Ëü¡£
MySQL µÄ×Ô´øÒýÇæ¿Ï¶¨Êǹ»ÓÃÁË£¬µ«ÊÇÔÚÓÐЩÇé¿öÏ£¬ÆäËûµÄÒýÇæ¿ÉÄÜÒª±ÈÊÖÍ·ËùÓøüÊʺÏÍê³ÉÈÎÎñ¡£Èç¹ûÔ¸Ò ......
Ò»¡¢ÉèÖÃÊý¾Ý¿â±àÂë
°²×°mysqlʱ¿ÉÑ¡Ôñ±àÂ룬Èç¹ûÒѾ°²×°¹ý£¬¿ÉÒÔ¸ü¸ÄÎļþmy.ini(´ËÎļþÔÚmysqlµÄ°²×°Ä¿Â¼ÏÂ)ÖеÄÅäÖÆÒԴﵽĿµÄ£»´ò¿ªÎļþÕÒµ½Á½´¦£º
[client]
port=3306
[mysql]
default-character-set=gb2312
# The default character set that will be used when a new
schema or table is
# created and
n ......
ÍíÉÏÓÐÅóÓÑÎÊÆ𣬼òµ¥µÄдÁËÒ»¸ö¡£
DELIMITER $$
CREATE
FUNCTION `t_girl`
.
`func_rand_string`
(
f_num tinyint
unsigned
,
f_type tinyint
unsigned
)
RETURNS varchar
(
32)
BEGIN
......
