5±¾¾µäSQLµç×ÓÊé
SQL±¦µä
SQL±ØÖª±Ø»áµÚÈý°æ
SQLÈëÞµäµÚËİæ
Sams Teach Yourself SQL in 10 Minutes Third Edition
SQL The Complete Reference
Ïà¹ØÎĵµ£º
SQLλÔËËã
select 2|8 --10
select 2|8|1 --11
select 10&8 --8,°üº¬,10=8+2
select 10&2 --2,°üº¬,10=2+8
select 10&4 --0,²»°üº¬
select 19&16 --16,°üº¬,19=16+2+1
s ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
ÏÖÔںܶàÍøÕ¾¶¼ÌṩÁËÕ¾ÄÚµÄËÑË÷¹¦ÄÜ£¬Óеĺܼòµ¥ÔÚSQLÓï¾äÀï¼ÓÒ»¸öÌõ¼þÈ磺where names like ‘%words%’¾Í¿ÉÒÔʵÏÖ×î»ù±¾µÄËÑË÷ÁË¡£
ÎÒÃÇÀ´¿´¿´¹¦ÄÜÇ¿´óÒ»µã£¬¸´ÔÓÒ»µãµÄËÑË÷ÊÇÈçºÎʵÏֵģ¨ÔÚSQL¡¡£Ó£Å£Ò£Ö£Å£Ò£²£°£°£¯£²£°£°£µÍ¨¹ý´æ´¢¹ý³ÌʵÏÖËÑË÷Ëã·¨£©¡£
ÎÒÃÇ ......
Ó¦Ò»¸öÅóÓѵÄÒªÇó£¬ÌùÉÏÊղصÄSQL³£Ó÷ÖÒ³µÄ°ì·¨¡«¡«
±íÖÐÖ÷¼ü±ØÐëΪ±êʶÁУ¬[ID] int IDENTITY (1,1)
1.·ÖÒ³·½°¸Ò»£º(ÀûÓÃNot InºÍSELECT TOP·ÖÒ³)
Óï¾äÐÎʽ£º
SELECT TOP Ò³¼Ç¼ÊýÁ¿ *
from ±íÃû
WHERE (ID NOT IN
(SELECT TOP (ÿҳÐÐÊý*(Ò³Êý-1)) ID
from ± ......