Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

¹È¸èɵ¹ÏʽSQL×¢Éä(Google dorks sql injection)

Google dorks sql injection:
inurl:index.php?id=  
inurl:trainers.php?id=  
inurl:buy.php?category=  
inurl:article.php?ID=  
inurl:Play_old.php?id=  
inurl:declaration_more.php?decl_id=  
inurl:Pageid=  
inurl:games.php?id=  
inurl:Page.php?file=  
inurl:newsDetail.php?id=  
inurl:gallery.php?id=  
inurl:article.php?id=  
inurl:show.php?id=  
inurl:staff_id=  
inurl:newsitem.php?num=  
inurl:readnews.php?id=  
inurl:top10.php?cat=  
inurl:historialeer.php?num=  
inurl:reagir.php?num=  
inurl:Stray-Questions-View.php?num=  
inurl:forum_bds.php?num=  
inurl:game.php?id=  
inurl:view_product.php?id=  
inurl:newsone.php?id=  
inurl:sw_comment.php?id=  
inurl:news.php?id=  
inurl:avd_start.php?avd=  
inurl:event.php?id=  
inurl:Product-item.php?id=  
inurl:sql.php?id=  
inurl:news_view.php?id=  
inurl:select_biblio.php?id=  
inurl:humor.php?id=  
inurl:aboutbook.php?id=  
inurl:fiche_spectacle.php?id=  
inurl:communique_detail.php?id=  
inurl:sem.php3?id=  
inurl:kategorie.php4?id=  
inurl:news.php?id=  
inurl:index.php?id=  
inurl:faq2.php?id=  
inurl:show_an.php?id=  
inurl:Preview.php?id=  
inurl:loadpsb.php?id=  
inurl:Opinions.php?id=  
inurl:spr.php?id=  
inurl:Pages.php?id=  
inurl:announce.php?id=  
inurl:clanek.php4?id=  
inurl:Participant.php?id=  
inurl:download.php?id=  
inurl:main.php?id=  
inurl:review.php?id=  
inurl:chappies.php?


Ïà¹ØÎĵµ£º

SQL×Ö·û´®´¦Àíº¯Êý´óÈ«

selectÓï¾äÖÐÖ»ÄÜʹÓÃsqlº¯Êý¶Ô×ֶνøÐвÙ×÷£¨Á´½Ósql server£©£¬
select ×Ö¶Î1 from ±í1 where ×Ö¶Î1.IndexOf("ÔÆ")=1;
ÕâÌõÓï¾ä²»¶ÔµÄÔ­ÒòÊÇindexof£¨£©º¯Êý²»ÊÇsqlº¯Êý£¬¸Ä³Ésql¶ÔÓ¦µÄº¯Êý¾Í¿ÉÒÔÁË¡£
left£¨£©ÊÇsqlº¯Êý¡£
select ×Ö¶Î1 from ±í1 where charindex£¨'ÔÆ',×Ö¶Î1£©=1;
×Ö·û´®º¯Êý¶Ô¶þ½øÖÆÊý¾Ý¡¢×Ö·û´®º ......

SQL ´óÈ« ÐÄÓêÖ®¼Ò

1.°´ÐÕÊϱʻ­ÅÅÐò:
Select * from TableName Order By CustomerName Collate Chinese_PRC_Stroke_ci_as
2.Êý¾Ý¿â¼ÓÃÜ:
select encrypt('ԭʼÃÜÂë')
select pwdencrypt('ԭʼÃÜÂë')
select pwdcompare('ԭʼÃÜÂë','¼ÓÃܺóÃÜÂë') = 1--Ïàͬ£»·ñÔò²»Ïàͬ encrypt('ԭʼÃÜÂë')
select pwdencrypt('ԭʼÃÜÂë')
select pw ......

sql serverºÍoracleÐÐתÁеÄÒ»ÖÖµäÐÍ·½·¨

sql serverºÍoracleÐÐתÁеÄÒ»ÖÖµäÐÍ·½·¨
Ç°ÑÔ£ºÍøÉÏÓв»ÉÙÎÄÕÂÊǽ²ÐÐתÁеģ¬µ«ÊǴ󲿷ֶ¼ÊÇÖ±½ÓÌù´úÂ룬ºöÊÓÁËÖмä¹ý³Ì£¬±¾ÈË×Ô¼ºË¼¿¼ÁËÏÂΪʲôҪÕâÑùʵÏÖ£¬²¢ÇÒ×öÁËÈçϵıʼǣ¬¶ÔÓÐЩ¶®µÄÈËÀ´Ëµ¿ÉÄÜûÓмÛÖµ£¬Ï£Íû¶Ô»¹²»¶®µÄÈËÓÐÒ»µã½è¼øÒâÒå¡£
¶ÔÓÚÓÐЩҵÎñÀ´Ëµ£¬Êý¾ÝÔÚ±íÖеĴ洢ºÍÆä×îÖÕµÄGrid±íÏÖÇ¡ºÃÏ൱ÓÚ°ÑÔ ......

SQLÖ®Æß——Êý¾ÝÀàÐÍ£¬Á÷¿Ø

SQL2000µÄÊý¾ÝÀàÐͼ°³¤¶È
==============================
bigint 8
binary 8000
bit 1
char 8000
datetime 8
decimal 17
float 8
image 16
int 4
money 8
nchar 8000
ntext 16
numeric 17
nvarchar 8000
real 4
smalldatetime 4
smallint 2
smallmoney 4
sql_variant 8016
sysname 256
text 16
tim ......

SQLÖÐÈçºÎÓÃÒ»¸ö±í¸üÐÂÁíÒ»¸ö±í

for ACCESS :
update a, b set a.name=b.name1 where a.id=b.id
for SQL Server:
"update a set a.name=b.name1 from a,b where a.id=b.id"
update   a   set   a.status=b.status  
  from   table1   a,table2   b  
&nbs ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ