关于insert|update|delete注入中的tips

 2.updatexml()、extractvalue()、name_const()函数的使用

 3.I’ve noticed some variations in our payload. You can inject using these methods too. 

    ' or (payload) or ' 

    ' and (payload) and ' 

    ' or (payload) and ' 

    ' or (payload) and '=' 

    '* (payload) *' 

    ' or (payload) and ' 

    " – (payload) – "

posted @ 2014-11-02 13:26  anything good  阅读(157)  评论(0编辑  收藏  举报
孤 's 博客