MySQL 5.1ÍêȫжÔØ
ÓÉÓÚ°²×°MySQLµÄʱºò£¬ÊèºöûÓÐÑ¡Ôñµ×²ã±àÂ뷽ʽ£¬²ÉÓÃĬÈϵÄASCIIµÄ±àÂë¸ñʽ£¬ÓÚÊǽӶþÁ¬ÈýµÄÖÐÎÄת»»ÎÊÌâËæÖ®¶øÀ´£¬¾ÍÏëжÔØÁËÖØа²×°MYSQL£¬ÕâһжÔص¹ÊdzöÁËÎÊÌ⣬µ¼Ö°²×°µÄʱºò°²×°²»ÉÏ£¬ÔÚÍøÉÏÕÒÁËÒ»¸ö¶àСʱҲû½â¾ö¡£
ÖØװϵͳÓÀÔ¶ÊǸöºÃ°ì·¨£¬µ«ÓÐËϲ»¶Õâô×öѽ:(
ºóÀ´ÎÞÒâ·¢ÏÖÊÇжÔصÄʱºòûÓÐжÔØÍêÈ«µ¼Ö£¬ÏÂÃæ¸ø³öÍêÕûµÄжÔØMySQL 5.1µÄжÔØ·½·¨£º
1¡¢¿ØÖÆÃæ°åÀïµÄÔö¼Óɾ³ý³ÌÐòÄÚ½øÐÐɾ³ý
2¡¢É¾³ýMySQLÎļþ¼ÐϵÄmy.iniÎļþ£¬Èç¹û±¸·ÝºÃ£¬¿ÉÒÔÖ±½Ó½«Îļþ¼ÐÈ«²¿É¾³ý
3¡¢¿´¿´×¢²á±íÀïÕ⼸¸öµØ·½É¾³ýûÓÐ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\MySQL Ŀ¼ɾ³ý
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\MySQL Ŀ¼ɾ³ý
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MySQL Ŀ¼ɾ³ý
4¡¢ÕâÒ»ÌõÊǺܹؼüµÄ
C:\Documents and Settings\All Users\Application Data\MySQL
ÕâÀﻹÓÐMySQLµÄÎļþ£¬±ØÐëҪɾ³ý
×¢Ò⣺Application DataÕâ¸öÎļþ¼ÐÊÇÒþ²ØµÄ£¬ÐèÒª´ò¿ª¸öÎļþ¼ÐÑ¡Ôñ²Ëµ¥À¸ ¹¤¾ß→Îļþ¼ÐÑ¡Ïî→²é¿´→Òþ²ØÎļþºÍÎļþ¼Ð Ò»ÏîÑ¡ÉÏ ÏÔʾËùÓÐÎļþºÍÎļþ¼Ð È·¶¨
OK£¡ÒÔÉÏ4²½Íê³É£¬Ôٴΰ²×°°É£¬ºÙºÙ£º£©
Ïà¹ØÎĵµ£º
by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1 ......
MSSQL:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),32)
MSSQL16λ:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),16)
MySQL:select md5('123456')
.NET:string ½á¹û×Ö·û´®=System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFil ......
1¡¢ÔÚmysql Êý¾Ý¿âÖУ¬“2009-09-15 00£º00£º00”ת»¯ÎªÁÐΪ³¤ÕûÐ͵ĺ¯Êý£º
select unix_timstamp("2009-09-15 00£º00£º00")*1000,
ÕâÀïҪעÒ⣬mysqlÊý¾Ý¿âÖеij¤ÕûÐÍ£¬±ÈjavaÖеij¤ÕûÐÍÉÙÁËÃëºóÃæµÄºÁÃëÊý£¬ËùÒÔÒª³ËÒÔ1000£¬ÕâÑùÖ»Óм¸ºÁÃëÖ®²î
2¡¢ÔÚmysqlÊý¾Ý¿âÖУ¬“1252999488000”£ ......
ʹÓÃmysql ¾³£»áÓöµ½±àÂëÎÊÌ⣬¶øµ¼Ö³ÌÐò³öÏÖÂÒÂë,mysql ÔÚÒÔϼ¸¸öµØ·½»áÉæ¼°µ½±àÂë¸ñʽ
Êý¾Ý¿â±àÂë
·þÎñÆ÷±àÂë
Á¬½Ó±àÂë
¿Í»§¶Ë±àÂë
ÏÂÃæÊÇÒ»¸öµäÐ͵ÄʾÀý£¬ ÔËÐÐ mysql -u root
²é¿´±àÂë mysql>status
mysql Ver 14.7 Distrib 4.1.14, for Win32 (ia32)
Connection id: 90
Current database: yitian ......
Ò»:°²×°
ÎÞÂÛÄãϲ»¶µÄÊÇÄÄÖÖLINUXÌ×¼þ£¬Ëü¶¼ÓпÉÄÜ´øÓÐMySQL¡£Slackware,Ret Hat,SusEºÍDebianÖж¼ÔÚËüÃǵĵ±Ç°°æ±¾Öаüº¬ÁËËü£¬Õ⽫ÌṩһÖÖ×î¼òµ¥µÄ·½Ê½À´¿ìËÙ°²×°ºÍÔËÐÐMySQL¡£Èç¹ûÄãµÄ·¢Ðа汾ÖÐûÓÐÌṩMySQLÈí¼þ°ü£¬»òÕßÄãÏëµÃµ½×îеİ汾£¬Äã¿ÉÒÔ´ÓMySQLµÄÍøÕ¾:www.mysql.comÉÏÏÂÔضþ½øÖÆ°ü»òÔ ......
