Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CHTO TO DO IF SOMETHING FILTERS
- let us recall that the SQL type of design / ** / is equal
- to the gap
- There is an interesting function CHAR () which returns
- the code symbol itself simvol.Predpolozhim filtered
- character ... Well, let him be an asterisk (*). First, we
- need to know the code for this symbol. In MYSQL is a
- function ASCII () returns the leftmost character of the
- string passed to it so yuzaem
- SELECT ASCII ('*');
- only on a vulnerable host, do not make sense (The
- symbol '*' filtered) it must be done on the LAN. We
- learn that the code is 42 and yuzaem function CHAR ()
- so
- SELECT CHAR (42, 42, 42);
- Outputs three zvezdochki.Esche one way is to use a
- 16-hexadecimal character code. Now suppose that the
- filtered light bay 'login'. In MYSQL is a function of HEX
- () which issues a 16-hexadecimal code line. Yuzaetsya
- so
- SELECT HEX ( 'login');
- Will produce '6 C6F67696E 'ahead appends "0x" (To
- SQL realized he was dealing with a 16-hexadecimal
- encoding) and obtain '0 x6C6F67696E' is juzat without
- CHAR () so
- SELECT 0x6C6F67696E FROM User;
- either the CHAR () so
- SELECT CHAR (0x6C, 0x6F, 0x67, 0x69, 0x6E) FROM
- User;
- our lesson today was short...
- wait the final lesson ^_____*
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
