Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

perlÒ»¸ö¼òµ¥mysql²Ù×÷µÄС³ÌÐò

#!/usr/bin/perl
use Mysql;
print "Content-type:
text/html \n\n";
# MySQL
ÅäÖñäÁ¿
$host = "localhost";
$database
= "testdb";
$tablename = "testtable";
$user = "username";
$pw =
"password";
# PERL MYSQL CONNECT()
$connect = Mysql->connect($host,
$database, $user, $pw);
# SELECT
DB
$connect->selectdb($database);
# ¶¨ÒåMySQL²éѯ
$myquery = "INSERT
INTO
$tablename (id, product, quantity)
VALUES
(DEFAULT,'pineapples','15')";
# Ö´Ðвéѯ
$execute =
$connect->query($myquery);
# Ó°ÏìÐÐ
$affectedrows =
$execute->affectedrows($myquery);
# ×îºóÒ»¸öInsertµÄID
$lastid =
$execute->insertid($myquery);
print $affectedrows."<br
/>";
print $lastid."<br />";


Ïà¹ØÎĵµ£º

[Injection]¶ÔMYSQL 5.0·þÎñÆ÷ÒÔÉÏ°æ±¾×¢Èë


by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1 ......

MySQLÊý¾Ý¿âÒýÇæ¿ìËÙÖ¸µ¼

 Èç¹ûÄãÊǸöÈü³µÊÖ²¢ÇÒ°´Ò»Ï°´Å¥¾ÍÄܹ»Á¢¼´¸ü»»ÒýÇæ¶ø²»ÐèÒª°Ñ³µ¿ªµ½³µ¿âÀïÈ¥»»£¬ÄÇ»áÊÇÔõô¸Ð¾õÄØ£¿MySQLÊý¾Ý¿âΪ¿ª·¢ÈËÔ±Ëù×öµÄ¾ÍºÃÏñÊÇ°´°´Å¥»»ÒýÇ棻ËüÈÃÄãÑ¡ÔñÊý¾Ý¿âÒýÇ棬²¢¸øÄãÒ»Ìõ¼òµ¥µÄ;¾¶À´Çл»Ëü¡£
MySQL µÄ×Ô´øÒýÇæ¿Ï¶¨Êǹ»ÓÃÁË£¬µ«ÊÇÔÚÓÐЩÇé¿öÏ£¬ÆäËûµÄÒýÇæ¿ÉÄÜÒª±ÈÊÖÍ·ËùÓøüÊʺÏÍê³ÉÈÎÎñ¡£Èç¹ûÔ¸Ò ......

¼Ç¼µã¶«Î÷£¬MSSQL£¬MySQL£¬.NETµÄMD5¼ÓÃÜ

 MSSQL:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),32)
 MSSQL16λ:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),16)
 MySQL:select md5('123456')
 .NET:string ½á¹û×Ö·û´®=System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFil ......

Javaµ÷Óô洢¹ý³Ì(MySqlÊý¾Ý¿â)

Ò»¡¢½¨±í
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user` (
  `ID` int(11) NOT NULL auto_increment,
  `NAME` varchar(16) NOT NULL default '',
  `REMARK` varchar(16) NOT NULL default '',
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB AUTO_INCREMENT=24 DEFAULT CHARSET=utf8;
&nb ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ