Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > hacker course > Content
Hot Articles
SmoothWall Introduces Lo
Travel of the JSP+Oracle
Hacker skill: Gains Webs
Breaks through the Inter
MYSQL database injection
The Tomcat backstage tak
Breaks through the Inter
The hacker teaches you a
WinHex pursues the code
How does the hacker dest
How teaches you to take
The SQL injection revise
mssql SA jurisdiction ne
Microsoft SQL Server SA
The bored Css cross stat
Recommend Articles
The SQL injection revise
How does the hacker dest
The new military recruit
Union inquires the small
MYSQL database injection
Invades under new skill
How does the website scr
Smells searches works as
How in does the net seep
Microsoft SQL Server SA
A simple invasion, does
The mainstream raises th
The bored Css cross stat
The random combined comm
The hacker teaches you a
New Articles
Check Point offers compa
The malware spreads Cali
Full Disk Encryption pro
Cardholders should take
U.S. still more spam tha
Strong encryption L?solu
ConvexSoft DJ Audio Mixe
Few companies k?can be i
IT professionals can kee
k the media?can not by s
k the media?can not by s
Google Custom Search Eng
Users of the iPhone and
Gateshead College offers
Manchester obtained pass
How does the website script pour into examines bypasses the limit
  Add date: 07/11/2008   Publishing date: 07/11/2008   Hits: 51
Total 2 pages, Current page:1, Jump to page:
 

Thought suddenly whether we can use what method to bypass the limit which SQL pours into? To-line inspected, mentioned the method mostly is aims at AND with “'” and “=” the filtration breakthrough, although a little progressive place, but has some key words not to bypass, because I not often invade the website, therefore does not dare to the above filtration effect to carry on the commentary, what but may be affirmative, the effect will not be good ...... 

After mine collection, majority of against poured into the procedure to filter the following key words: 

and | select | update | chr | delete | %20from | ; | insert | mid | master. | set | = 

But here most difficult to process is select this key words, then how we did break through them? Although the question has not solved completely, but says with everybody shares, hoped that can offer a few ordinary introductory remarks so that others may offer their valuable ideas. 

Regarding the key words filtration, the following is I collects as well as my some ideas. 

1st, bypasses using the coding technique 

If the URLEncode code, the ASCII code bypasses. For example or 1=1 namely

%6f%72%20%31%3d%31, but Test may also be CHAR(101)+CHAR(97)+CHAR(115)+CHAR(116).


2nd, bypasses through the blank space 

If two blank spaces replace a blank space, replaces the blank space with Tab and so on, or deletion all blank spaces, like

or' swords' = `swords' 
, as a result of the mssql looseness, we may 'between the swords' blank space remove or, does not affect the movement. 

3rd, replaces using the string of character judgment 

Judgment bypasses with classics or the 1=1, like

or 'swords' = ' swords'
, this method is on-line at the discussion. 

4th, bypasses through type conversion beautification symbol N 

May say that this is a good idea, he except can bypass the limit to a certain extent, moreover is also able to discriminate the function, everybody think well. About use, if or 'swords' = N' swords', capital letter N tells mssql the server string of character to take the nvarchar type, it plays the type conversion the role, does not affect the injection sentence itself, but may evade based on knowledge pattern matching IDS. 

5th, opens the solution string of character through + the number to bypass 

The effect is worth researching, but is one method after all. Like 

or 'swords' = `sw' + ' ords'; EXEC (`IN' + ' SERT INTO '+ ' ..... ') 


6th, bypasses through LIKE 

Before how hasn't thought? If or 

'swords' LIKE 'sw'
!!! Obviously may very relaxed round

“=” “>”
Limit ...... 

7th, bypasses through IN 

Is similar with the above LIKE mentality, like

or 'swords' IN ('swords') 

8th, bypasses through BETWEEN 

If or 'swords' BETWEEN 'rw' AND 'tw' 

9th, through > or < bypasses 

or 'swords' > 'sw' 
or 'swords' < 'tw' 
or 1<3 

...... 

10th, bypasses using the annotation sentence 

 

Other pages: : 1 * 2 * Next>>
Prev:Invades under new skill - CMD to add the sql account number Next:Smells searches works as machine little enlightenment

Comment:

Category: Home > hacker course
Home