Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

¹È¸èɵ¹ÏʽSQL×¢Éä(Google dorks sql injection)

Google dorks sql injection:
inurl:index.php?id=  
inurl:trainers.php?id=  
inurl:buy.php?category=  
inurl:article.php?ID=  
inurl:Play_old.php?id=  
inurl:declaration_more.php?decl_id=  
inurl:Pageid=  
inurl:games.php?id=  
inurl:Page.php?file=  
inurl:newsDetail.php?id=  
inurl:gallery.php?id=  
inurl:article.php?id=  
inurl:show.php?id=  
inurl:staff_id=  
inurl:newsitem.php?num=  
inurl:readnews.php?id=  
inurl:top10.php?cat=  
inurl:historialeer.php?num=  
inurl:reagir.php?num=  
inurl:Stray-Questions-View.php?num=  
inurl:forum_bds.php?num=  
inurl:game.php?id=  
inurl:view_product.php?id=  
inurl:newsone.php?id=  
inurl:sw_comment.php?id=  
inurl:news.php?id=  
inurl:avd_start.php?avd=  
inurl:event.php?id=  
inurl:Product-item.php?id=  
inurl:sql.php?id=  
inurl:news_view.php?id=  
inurl:select_biblio.php?id=  
inurl:humor.php?id=  
inurl:aboutbook.php?id=  
inurl:fiche_spectacle.php?id=  
inurl:communique_detail.php?id=  
inurl:sem.php3?id=  
inurl:kategorie.php4?id=  
inurl:news.php?id=  
inurl:index.php?id=  
inurl:faq2.php?id=  
inurl:show_an.php?id=  
inurl:Preview.php?id=  
inurl:loadpsb.php?id=  
inurl:Opinions.php?id=  
inurl:spr.php?id=  
inurl:Pages.php?id=  
inurl:announce.php?id=  
inurl:clanek.php4?id=  
inurl:Participant.php?id=  
inurl:download.php?id=  
inurl:main.php?id=  
inurl:review.php?id=  
inurl:chappies.php?


Ïà¹ØÎĵµ£º

java½«excelµ¥Ôª¸ñÊý¾Ýת»»³ÉsqlÓï¾ä

Ê×ÏÈÒªÓÐjxlÀà¿â¡£
³ÌÐòÈçÏ£º
import java.io.*;
import jxl.*;
public class ExcelToSql {
  public static void main(String args[])
  {
   try
   {
    Workbook book= Workbook.getWorkbook(new File("D:\\workspaceuse6\\foundation\\test\\com\\gres ......

SQL ´óÈ« ÐÄÓêÖ®¼Ò

1.°´ÐÕÊϱʻ­ÅÅÐò:
Select * from TableName Order By CustomerName Collate Chinese_PRC_Stroke_ci_as
2.Êý¾Ý¿â¼ÓÃÜ:
select encrypt('ԭʼÃÜÂë')
select pwdencrypt('ԭʼÃÜÂë')
select pwdcompare('ԭʼÃÜÂë','¼ÓÃܺóÃÜÂë') = 1--Ïàͬ£»·ñÔò²»Ïàͬ encrypt('ԭʼÃÜÂë')
select pwdencrypt('ԭʼÃÜÂë')
select pw ......

¶¯Ì¬SQL(Dynamic SQL)

----start
    ¶¯Ì¬SQLÊÇÔÚ³ÌÐòÔËÐÐʱ¹¹ÔìµÄ£¬ÒªÖ´Ðе¥ÌõSQL£¬Ê¹ÓÃEXECUTE IMMEDATE Óï¾ä£»µ±ÅúÁ¿Ö´ÐÐSQLʱ£¬ÏÈʹÓÃPREPARE Óï¾ä¹¹ÔìSQL£¬È»ºóʹÓÃEXECUTE Óï¾äÖ´ÐС£
Ò»£ºPrepareÓï¾ä£ºÓÃÀ´¹¹ÔìÅúÁ¿SQL
Óï·¨£º
PREPARE <sql-statement> [OUTPUT] INTO <result> [INPUT INTO] <input> ......

SQL SERVER 2000/2005 ÁÐתÐÐ ÐÐתÁÐ


ÆÕͨÐÐÁÐת»»
ÎÊÌ⣺¼ÙÉèÓÐÕÅѧÉú³É¼¨±í(tb)ÈçÏÂ:
ÐÕÃû ¿Î³Ì ·ÖÊý
ÕÅÈý ÓïÎÄ 74
ÕÅÈý Êýѧ 83
ÕÅÈý ÎïÀí 93
ÀîËÄ ÓïÎÄ 74
ÀîËÄ Êýѧ 84
ÀîËÄ ÎïÀí 94
Ïë±ä³É(µÃµ½ÈçϽá¹û)£º
ÐÕÃû ÓïÎÄ Êýѧ ÎïÀí
---- ---- ---- ----
ÀîËÄ 74 84 94
ÕÅÈý 74 83 93
-------------------
*/
create table tb(Ð ......

SQLÖÐÈçºÎÓÃÒ»¸ö±í¸üÐÂÁíÒ»¸ö±í

for ACCESS :
update a, b set a.name=b.name1 where a.id=b.id
for SQL Server:
"update a set a.name=b.name1 from a,b where a.id=b.id"
update   a   set   a.status=b.status  
  from   table1   a,table2   b  
&nbs ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ