MySQL 5.1.38
ÍêÈ«°²×°°ü
http://mysql.isu.edu.tw/Downloads/MySQL-5.1/mysql-5.1.38-win32.msi
°üº¬ÁË°²×°MySQLËùÐèÒªµÄÈ«²¿ÎļþÓëÅäÖÃÏòµ¼ÒÔ¼°¿ÉÑ¡×é¼þ£¬Èç»ù×¼Ì×¼þºÍǶÈëʽ·þÎñÆ÷
»ù±¾°²×°°ü
http://mysql.isu.edu.tw/Downloads/MySQL-5.1/mysql-essential-5.1.38-win32.msi
Ö»°üº¬ÁË°²×°MySQLËùÐèÒªµÄ»ù±¾ÎļþÓëÅäÖÃÏòµ¼£¬µ«ÊDz¢Ã»Óаüº¬¿ÉÑ¡×é¼þ£¬Èç»ù×¼Ì×¼þºÍǶÈëʽ·þÎñÆ÷
Ãâ°²×°°ü
http://mysql.isu.edu.tw/Downloads/MySQL-5.1/mysql-noinstall-5.1.38-win32.zip
°üº¬ÁËÍêÈ«°²×°°üÖгýÅäÖÃÏòµ¼ÒÔÍâµÄÈ«²¿Îļþ£¬Äã±ØÐëÊÖ¶¯°²×°ºÍÅäÖÃËüµÄÅäÖÃÎļþ
ÍêÈ«°²×°°üºÍ»ù±¾°²×°°ü¾ù°üº¬ÁËMySQLµÄ°²×°Ïòµ¼ºÍÅäÖÃÏòµ¼£¬Òò´ËÔÚ¾ø´ó¶àÊýÇé¿öÏ£¬½¨ÒéÑ¡ÔñÕâÁ½ÖÖ°²×°·½Ê½¡£Èç¹ûÐèÒªÔÚһ̨·þÎñÆ÷ÉÏ°²×°¶à¸öMySQL»ò¶ÔMySQL±È½ÏÊìϤ£¬ÏëÍêÈ«¿ØÖÆ·þÎñÆ÷µÄÅäÖã¬ÔòÓ¦¸ÃÑ¡ÔñÃâ°²×°°ü
Ïà¹ØÎĵµ£º
by ZaraByte
How to do a SQL Injection for MYSQL Server 5.0+
1. Find a vulnerable add a ‘ at the end of the site example: news.php?id=1 add a ‘ at the end of the 1 and see if you get a syntax error
2. order by #–
Keep upping the # until you get an error.
3. union all select 1 ......
MSSQL:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),32)
MSSQL16λ:select Right(sys.fn_VarBinToHexStr(hashbytes('MD5', '123456')),16)
MySQL:select md5('123456')
.NET:string ½á¹û×Ö·û´®=System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFil ......
¼¸¸öÔÂÇ°£¬ÊÜһλÀÏʦµÄίÍУ¬Òª°ïËû×öÒ»¸ö¹ØϵÊý¾Ý¿âģʽÐÅÏ¢ÌáÈ¡µÄСÏîÄ¿£¬Ö÷ÒªµÄ¹¦ÄÜʵÏÖ¾ÍÊǽ«¹ØϵÊý¾Ý¿âµÄ±í½á¹¹ºÍ×ֶεÄÐÅϢͨ¹ý±í¸ñµÄÐÎʽչʾ³öÀ´¡£ÎÒͨ¹ý´ÓÍøÉÏËѼ¯×ÊÁÏÒÔ¼°·Êé²éÕÒ£¬ÏÈʵÏÖÁËÒ»¸ömysqlµÄÊý¾ÝÌáÈ¡Æ÷¡£Ïȸø´ó¼Ò·ÖÏíһϡ£ÉÔºóµÄ¼¸ÌìÄÚ»á°ÑÁíÒ»¸ömysql¹ ......
#!/usr/bin/perl
use Mysql;
print "Content-type:
text/html \n\n";
# MySQL
ÅäÖñäÁ¿
$host = "localhost";
$database
= "testdb";
$tablename = "testtable";
$user = "username";
$pw =
"password";
# PERL MYSQL CONNECT()
$connect = ......
