Injection notes-database judgment

After learning the injection statement and explanation of the injection statement, many friends may not distinguish and determine whether the injected website uses a database, in this lesson, we will learn how to use injection points to determine the database type. Go to the topic.

To enable the website to report errors, you must first remove the browser settings. Otherwise, the error message will not be displayed,

Setting Method: Open the browser-tools-internet Options-advanced-find the http Error message to remove the front check mark

After the preparation is complete, we can determine the process. Otherwise, the information we want will not be displayed.

Let's take a look at the access database.

FirstHttp://www.zxw114.com.cn/news/news_list.asp? Id = 35203Add a single quotation mark.

If an error occurs, Microsift JET Databse Ebgine indicates that the code of JET is an Access database.

If the above error is not displayed, We can first use SQL server to check whether it is an SQL server or mysql. If not, it is likely to be an access database.

Certificate ---------------------------------------------------------------------------------------------------------------------------------------------

Next, let's look at the SQL Server database error.

Note: SQL Server is also referred to as mssql

Let's take a look at this site:Http://www.gwytb.gov.cn/lajm/tzqyxh0.asp? Lajm_m_id = 60Add a single quotation mark.

General error: Microsoft ole db Provider for ODBC Drivers. What does mysql mean here? Believe it? So let's take a look at this URL in the ah d.


So what if the website does not report an error? For example, if we enter single quotes on the website, the content disappears. If no prompt is displayed, You can query the built-in table of mssql to determine the result,

Command: and exists (select * from sysobjects )--

The page returns normal, indicating that we have queried this table and can infer that the data on this website is mssql. If an error is reported, the error does not exist after a long time.

We can also use and user> 0 to judge.

Note: The user is the built-in user group of mssql.

This method is generally used or an error occurs, such:

Microsoft ole db Provider for ODBC Drivers error 80040e14

[Microsoft] [odbc SQL Server Driver] [SQL Server] row 1st:> There Is A syntax error nearby.

/Lajm/tzqyxh0.asp, row 21

Bytes ------------------------------------------------------------------------------------------------------------------------------

Next, let's take a look at the websites built in the mysql environment. mysql rarely reports such errors. So how can we differentiate them? We can add/* Or/# To the back of the website to determine, if the returned result is normal, it is mysql.

Http://www.runjiapt.cn/product.php? Id = 11This site is a php website. Generally, php is built with mysql. Let's take a look.

Enter/# Behind the website /#

Enter the correct ID in the pop-up window. Let's take a look at the result /*.

Return to the normal page.

The specific implementation principle of this method has not been answered yet.