Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

5±¾¾­µäSQLµç×ÓÊé


SQL±¦µä

SQL±ØÖª±Ø»áµÚÈý°æ

SQLÈëÞ­µäµÚËİæ

Sams Teach Yourself SQL in 10 Minutes Third Edition

SQL The Complete Reference



Ïà¹ØÎĵµ£º

SQLλÔËËã

SQLλÔËËã
select 2|8       --10
select 2|8|1    --11
select 10&8    --8,°üº¬,10=8+2
select 10&2    --2,°üº¬,10=2+8
select 10&4    --0,²»°üº¬
select 19&16  --16,°üº¬,19=16+2+1
s ......

¹È¸èɵ¹ÏʽSQL×¢Éä(Google dorks sql injection)

Google dorks sql injection:
inurl:index.php?id=  
inurl:trainers.php?id=  
inurl:buy.php?category=  
inurl:article.php?ID=  
inurl:Play_old.php?id=  
inurl:declaration_more.php?decl_id=  
inurl:Pageid=  
inurl:game ......

ÔÚSQL Server 2005ÖÐÓô洢¹ý³ÌʵÏÖËÑË÷¹¦ÄÜ


ÏÖÔںܶàÍøÕ¾¶¼ÌṩÁËÕ¾ÄÚµÄËÑË÷¹¦ÄÜ£¬Óеĺܼòµ¥ÔÚSQLÓï¾äÀï¼ÓÒ»¸öÌõ¼þÈ磺where names like ‘%words%’¾Í¿ÉÒÔʵÏÖ×î»ù±¾µÄËÑË÷ÁË¡£
    ÎÒÃÇÀ´¿´¿´¹¦ÄÜÇ¿´óÒ»µã£¬¸´ÔÓÒ»µãµÄËÑË÷ÊÇÈçºÎʵÏֵģ¨ÔÚSQL¡¡£Ó£Å£Ò£Ö£Å£Ò£²£°£°£¯£²£°£°£µÍ¨¹ý´æ´¢¹ý³ÌʵÏÖËÑË÷Ëã·¨£©¡£
    ÎÒÃÇ ......

ÈýÖÖSQL·ÖÒ³·¨¡¾×ªÌû¡¿

Ó¦Ò»¸öÅóÓѵÄÒªÇó£¬ÌùÉÏÊղصÄSQL³£Ó÷ÖÒ³µÄ°ì·¨¡«¡«

±íÖÐÖ÷¼ü±ØÐëΪ±êʶÁУ¬[ID] int IDENTITY (1,1)

1.·ÖÒ³·½°¸Ò»£º(ÀûÓÃNot InºÍSELECT TOP·ÖÒ³)

Óï¾äÐÎʽ£º 
SELECT TOP Ò³¼Ç¼ÊýÁ¿ *
from ±íÃû
WHERE (ID NOT IN
  (SELECT TOP (ÿҳÐÐÊý*(Ò³Êý-1)) ID
  from ± ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØÍ¼ | ¸ÓICP±¸09004571ºÅ