SQL°²×°ÎÊÌâ ÎÞ·¨»ñÈ¡ASPNETÕË»§µÄϵͳÕË»§ÐÅÏ¢
°²×°SQL Server2005 ÎÊÌâÐÅÏ¢£º
“SQL Server °²×°³ÌÐòÎÞ·¨»ñÈ¡ ASPNET ÕÊ»§µÄϵͳÕÊ»§ÐÅÏ¢”
½â¾ö°ì·¨£º
ÓÃaspnet_regiisʵÓù¤¾ßжÔغÍÖØа²×°Ò»Ï¾ͿÉÒÔÁË¡£
¾ßÌåµÄ²Ù×÷£º
1¡¢½øÈëCMD£º
C:\windows\microsoft.net\framework\v2.0.50727Îļþ¼ÐÏ£¬ÔËÐÐaspnet_regiis -uжÔØ
È»ºóÔËÐÐaspnet_regiis -i ÖØа²×°£¬ÉÏÊöÎÊÌâ¼´¿É½â¾ö¡£
2¡¢C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -u
CMD:
¿ªÊ¼Ð¶ÔØ ASP.NET (2.0.50727);
ASP.NET (2.0.50727) жÔØÍê±Ï¡£
°²×°³ÌÐò¼ì²âµ½²Ù×÷¹ý³ÌÖгöÏÖÁËһЩ´íÎó¡£ÓйØÏêϸÐÅÏ¢£¬Çë²é¿´°²×°³ÌÐò
DOCUME~1\ADMINI~1\LOCALS~1\Temp\ASPNETSetup_00000.log
3¡¢C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -i
CMD:
¿ªÊ¼°²×° ASP.NET (2.0.50727);
ASP.NET (2.0.50727)°²×°Íê±Ï¡£
ÔÙ°²×°SQL Server 2005
Ïà¹ØÎĵµ£º
Ó°ÏìÊý¾Ý¿â»¹ÔËٶȵÄÒòËغÍÓ°ÏìÊý¾Ý¿â±¸·ÝËٶȵÄÒòËØÏàͬ¡£³ý´ËÖ®Í⣬¼ÙÈçÄãʹÓÃSQL Server 2005µÄ»°£¬Ä㻹¿ÉÒÔÆô¶¯ÁíÍâÒ»¸öÓÅ»¯ÈÎÎñÀ´»¹Ôµ±Ç°²»´æÔÚµÄÊý¾Ý¿â£¬ÔËÐл·¾³ÎªWindows XP£¬Windows 2003 Server »ò¸üа汾¡£
Perform Volume Maintenance Tasks
µ±Ä㻹ÔÒ»¸öеÄÍêÕûÊý¾Ý¿âÊÇ£¬SQL Server¶Á±¸·ÝÎļþÍ·£¬È»ºó´ ......
1.°´ÐÕÊϱʻÅÅÐò:
Select * from TableName Order By CustomerName Collate Chinese_PRC_Stroke_ci_as
2.Êý¾Ý¿â¼ÓÃÜ:
select encrypt('ÔʼÃÜÂë')
select pwdencrypt('ÔʼÃÜÂë')
select pwdcompare('ÔʼÃÜÂë','¼ÓÃܺóÃÜÂë') = 1--Ïàͬ£»·ñÔò²»Ïàͬ encrypt('ÔʼÃÜÂë')
select pwdencrypt('ÔʼÃÜÂë')
select pw ......
SQL Server£º
Select TOP N * from TABLE Order By NewID()
Select TOP N * from TABLE Order By NewID()
NewID()º¯Êý½«´´½¨Ò»¸ö uniqueidentifier ÀàÐ͵ÄΨһֵ¡£ÉÏÃæµÄÓï¾äʵÏÖЧ¹ûÊÇ´ÓTableÖÐËæ»ú¶ÁÈ¡NÌõ¼Ç¼¡£
Access£º
Select TOP N *&n ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
ÏÖÔںܶàÍøÕ¾¶¼ÌṩÁËÕ¾ÄÚµÄËÑË÷¹¦ÄÜ£¬Óеĺܼòµ¥ÔÚSQLÓï¾äÀï¼ÓÒ»¸öÌõ¼þÈ磺where names like ‘%words%’¾Í¿ÉÒÔʵÏÖ×î»ù±¾µÄËÑË÷ÁË¡£
ÎÒÃÇÀ´¿´¿´¹¦ÄÜÇ¿´óÒ»µã£¬¸´ÔÓÒ»µãµÄËÑË÷ÊÇÈçºÎʵÏֵģ¨ÔÚSQL¡¡£Ó£Å£Ò£Ö£Å£Ò£²£°£°£¯£²£°£°£µÍ¨¹ý´æ´¢¹ý³ÌʵÏÖËÑË÷Ëã·¨£©¡£
ÎÒÃÇ ......
