SQL手工注入 靶机:metasploitable(低) 1.当无权读取infomation_schema库[MySQL最重要的源数据库,必须有root权限]/拒绝union.order by语句 #若不为root a.猜列名: ' and coclumn is null--+ [并且列有一个字段为空,正常执行,若没有空字段,且该列存在,返回空白内容:若列不存在,则报错](可确定语句可插入数据库运行) 例如:' and asd is null--+ 使用kali集成的字典
查看服务名: show parameter service 查看实例名: select * from v$instance; 查看数据库名: select name from v$database; 查看数据库用到几个表空间: select distinct TABLESPACE_NAME from tabs:
主库:192.168.1.250 从库:192.168.1.199 主库 my.ini # For advice on how to change settings please see # http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html # *** DO NOT EDIT THIS FILE. It's a template which will be copied to the # ***
create user 'wechat'@'192.168.10.%' identified by 'xxxxx'; create database 库名DEFAULT CHARSET utf8 COLLATE utf8_general_ci; grant all privileges on 库名.* to 'wechat'@'192.168.10.%' identified by 'xxxxx';