jianfen's blog

Information is beautiful

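Reposted from: http://www.lijiejie.com/mysql-injection-bypass-waf/ MySQL Injection Filter Bypass Techniques [1]. There are many techniques for bypassing SQL injection filters; this article gives only a brief summary. As mentioned in the previous article, the injection points that are easiest to exploit are those that support UNION, return error messages, or offer additional favorable conditions such as multi-statement execution, system command execution, or HTTP requests. If[......]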

Read more »


Logical execution order of a SELECT statement:
1. FROM
2. ON
3. JOIN
4. WHERE
5. GROUP BY
6. WITH CUBE or WITH ROLLUP
7. HAVING
8. SELECT
9. DISTINCT
10. ORDER BY
11. TOP

PS: select 1; In fact, every step generates a temporary[......]

Read more »


2016 Vipshop Internet E-commerce Security Summit, 2016 WooYun Summit, RSA USA 2017, FIT 2017. Link: http://pan.baidu.com/s/1i476apf Password: r9w3

Read more »


Never forget why you started, and you will see it through to the end.