Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

sql×¢ÈëÍ»Æƹؼü×Ö¹ýÂË


Ò»Ö±ÒÔÀ´¶¼ÒÔΪֻÓпոñ£¬tab¼üºÍ×¢ÊÍ·û/**/¿ÉÒÔÓÃÀ´Çиîsql¹Ø¼ü×Ö£¬¶Îʱ¼ä
ÔÚа°Ë¿´ÁË·çѸcms×¢È멶´ÄÇƪÌû×Ó£¬²ÅÖªµÀÔ­À´»Ø³µÒ²¿ÉÒÔÓÃÀ´×÷Ϊ·Ö¸î·û£¨
ÒÔÇ°¾¹È»Ã»ÓÐÏëµ½£¬ÕæÊÇʧ°Ü£©¡£»Ø³µµÄasciiÂëÊÇchr(13)&chr(10)£¬ÖÁÓÚΪʲ
ôҪÁ½¸öÁ¬ÔÚÒ»Æð£¬Õâ¸öÎÒÒ²²»ÖªµÀ¡£×ª»»³Éurl±àÂëÐÎʽÊÇ%0d%0a£¬ÓÚÊǾͿÉÒÔ
ÓÃ%0d%0a´úÌæ¿Õ¸ñpassһЩ¹ýÂË¿Õ¸ñµÄ¼ì²éÁË¡£
ÒýÉêһϣ¬Ö»ÓÃ%0dÄÜÕý³£Ö´ÐÐÓï¾äÂð£¿Ö»ÓÃ%0aÄØ£¿²âÊÔÖ¤Ã÷£¬ÓÃÈÎÒâÒ»ÖÖ·Ö¸î
ÔÚmssql¡¢mysqlºÍaccessÀïÃ涼ÊÇ¿ÉÒԵġ£
ÁíÍ⣬¹ØÓÚmssqlµÄ¶àÓï¾äÎÊÌâ¡£ÎÒÒÔÇ°Ò»Ö±ÒÔΪ±ØÐëÓ÷ֺÅ×÷ΪÓï¾äµÄ½á⣬ºó
À´·¢ÏÖ£¬ÍêÈ«²»ÊÇÄÇÑù¡£ÀàËÆ
Copy code
select * from table exec xp_cmdshell'xxxxxxxxxx'
select * from table/**/exec xp_cmdshell'xxxxxxxxxx'
select * from table|---tab---|exec xp_cmdshell'xxxxxxxxxx'
select * from table|---enter---|exec xp_cmdshell'xxxxxxxxxx'
µÄÓï¾ä¶¼ÊÇ¿ÉÒÔÕý³£Ö´Ðеġ£¶øÎÒÒÔÇ°¾¹È»Ò»Ö±²»ÖªµÀ£¡²»¹ýÕâ¸öòËƸúÁ¬½ÓÊý
¾Ý¿âÇý¶¯ÓйØϵ£¬odbc¿ÉÒÔÕý³£Ö´ÐУ¬sqloledbµÄ»°¾Í»á±¨´í¡£ÓÐÐËȤµÄ¼ÌÐøÑÐ
¾¿°É
ÕâÑù£¬ÒÔºóÓöµ½´ø¿Õ¸ñ¹ýÂ˹ؼü×ÖµÄÀ¹½Ø³ÌÐò£¬ÓÖ¿ÉÒÔ·¢»Ó·¢»ÓÁË
¿ÉÄÜ´ó¼ÒÔç¾ÍÖªµÀÁË£¬²»¹ÜÔõô˵£¬·¢ÔÚÕâÀï°É£¡
×î½üÏëÆð¿ÉÄÜ»¹ÓÐЩasciiÂë¿ÉÒÔÓÃÀ´ÔÚsqlÓï¾äÖдúÌæ¿Õ¸ñ£¬ÓÚÊÇд¸ö½Å±¾²âÊÔ
ÁËһϣ¬½á¹ûÔÚËùÓÐ128¸öµÍλascii×Ö·ûÖУ¬chr(12)Ò²¿ÉÒÔÔÚaccessÀïÓ㬲»¹ý
òËÆchr(12)²»ÄܳöÏÖÔÚand¡¢orÖ®ÀàµÄ¹Ø¼ü´Ê¸½½ü£¬Ô­Òò²»Çå³þ¡£mysqlÖбÈ
access¶àÒ»¸öchr(11)¿ÉÒÔ¡£ÖÁÓÚmssql£¬ÍÚÈÕ£¬Ö±½Ó´Ó1µ½32µÄasciiÂë»»³É×Ö·û
ºó¶¼¿ÉÒÔÕý³£Ê¹Óá£


Ïà¹ØÎĵµ£º

ÔõÑùÖƶ¨×Ô¼ºµÄSQL Server 2000´¥·¢Æ÷

´´½¨Ò»¸ö¼òµ¥µÄ´¥·¢Æ÷
´¥·¢Æ÷ÊÇÒ»ÖÖÌØÊâµÄ´æ´¢¹ý³Ì£¬ÀàËÆÓÚʼþº¯Êý£¬SQL Server? ÔÊÐíΪ INSERT¡¢UPDATE¡¢DELETE ´´½¨´¥·¢Æ÷£¬¼´µ±ÔÚ±íÖвåÈë¡¢¸üС¢É¾³ý¼Ç¼ʱ£¬´¥·¢Ò»¸ö»òһϵÁÐ T-SQLÓï¾ä¡£
´¥·¢Æ÷¿ÉÒÔÔÚ²éѯ·ÖÎöÆ÷Àï´´½¨£¬Ò²¿ÉÒÔÔÚ±íÃûÉϵãÓÒ¼ü->“ËùÓÐÈÎÎñ”->“¹ÜÀí´¥·¢Æ÷”À´´´½¨£¬²» ......

MySQL ×Ö·û¼¯µ¼ÖÂSQLÁ¬½ÓÖ®ºóÖÐÎÄÂÒÂëµÄÎÊÌ⣡

character-set-server = GB2312
collation-server = latin1_general_ci
MySQL×Ö·û¼¯ GBK¡¢GB2312¡¢UTF8Çø±ð ½â¾ö MYSQLÖÐÎÄÂÒÂëÎÊÌâ ÊÕ²Ø
MySQLÖÐÉæ¼°µÄ¼¸¸ö×Ö·û¼¯
character-set-server/default-character-set£º·þÎñÆ÷×Ö·û¼¯£¬Ä¬ÈÏÇé¿öÏÂËù²ÉÓõġ£
character-set-database£ºÊý¾Ý¿â×Ö·û¼¯¡£
character-set-table£ºÊ ......

½«accessµ¼ÈëSQL server

Ò»¡¢SQL SERVER ºÍACCESSµÄÊý¾Ýµ¼Èëµ¼³ö
³£¹æµÄÊý¾Ýµ¼Èëµ¼³ö£º
ʹÓÃDTSÏòµ¼Ç¨ÒÆÄãµÄAccessÊý¾Ýµ½SQL Server£¬Äã¿ÉÒÔʹÓÃÕâЩ²½Öè:
¡¡¡¡¡ð1ÔÚSQL SERVERÆóÒµ¹ÜÀíÆ÷ÖеÄTools£¨¹¤¾ß£©²Ëµ¥ÉÏ£¬Ñ¡ÔñData Transformation
¡¡¡¡¡ð2Services£¨Êý¾Ýת»»·þÎñ£©£¬È»ºóÑ¡Ôñ  czdImport Dat ......

SQL SERVER ÓëACCESS¡¢EXCELµÄÊý¾Ýת»»

ÊìϤSQL SERVER 2000µÄÊý¾Ý¿â¹ÜÀíÔ±¶¼ÖªµÀ£¬ÆäDTS¿ÉÒÔ½øÐÐÊý¾ÝµÄµ¼Èëµ¼³ö£¬Æäʵ£¬ÎÒÃÇÒ²¿ÉÒÔʹÓÃTransact-SQLÓï¾ä½øÐе¼Èëµ¼³ö²Ù×÷¡£ÔÚTransact-SQLÓï¾äÖУ¬ÎÒÃÇÖ÷ҪʹÓÃOpenDataSourceº¯Êý¡¢OPENROWSET º¯Êý£¬¹ØÓÚº¯ÊýµÄÏêϸ˵Ã÷£¬Çë²Î¿¼SQLÁª»ú°ïÖú¡£ÀûÓÃÏÂÊö·½·¨£¬¿ÉÒÔÊ®·ÖÈÝÒ×µØʵÏÖSQL SERVER¡¢ACCESS¡¢EXCELÊý¾Ýת»»£ ......

½â¾öSQL ServerתACCESS×Ô¶¯±àºÅÎÊÌâ


1.´ò¿ªSQL server enterprise mananger “ÆóÒµ¹ÜÀíÆ÷”
ÔÚÄãÒªµ¼³öµÄSQLÊý¾Ý¿âÉÏÊó±êÓÒ¼ü²Ëµ¥£ºËùÓÐÈÎÎñ-¡·µ¼³öÊý¾Ý
2.»Ø³öÏÖÒ»¸öµ¼³öÏòµ¼´°¿Ú¡£
Ñ¡Ôñ±»µ¼³öµÄÊý¾ÝÔ´£¬ÎªÄã¸Õ²ÅËùÑ¡ÔñµÄÊý¾Ý¿â£¬Èç¹û·¢ÏÖ²»¶ÔÓ¦×ÔÐÐÐ޸ġ£
3.½øÈëµ¼³öµ½Ä¿±êÊý¾ÝÔ´µÄÑ¡Ôñ£¬ÕâÀïÎÒÃÇҪת³ÉACCESSµÄÊý¾Ý¿â¡£×¢ÒâÑ¡ÔñÊý¾ÝÔ´ÀàÐÍÎ ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ