神马作文网1' union select * from [ADM] union select *
来源:学生作业帮 编辑:神马作文网作业帮 分类:综合作业 时间:2024/11/19 09:49:56
1' union select * from [ADM] union select *
![1' union select * from [ADM] union select *](/uploads/image/z/16490613-21-3.jpg?t=1%26%2339%3B+union+select+%2A+from+%5BADM%5D+union+select+%2A)
union就是联合的意思.把两标拼接起来. 当两表的结构或者所选择的字段相同时候才可以使用Union方法.否则会出错. ----------------- 那也要人家用了字符串拼接的SQL语句你这台才能用.用PROC注入不了的. ####### 打个比方 原始的SQL是 SELECT * FROM [ADM] WHERE USERID='ADMIN' AND PASSWORD = 'PASS' 你现在在ADMIN或者PASS的地方插入你的那个语句 也就变成了 SELECT * FROM [ADM] WHERE USERID='ADMIN' AND PASSWORD = '1' union select * from [ADM] union select * from [ADM] where '1'='1' 前面那个SELECT * FROM [ADM] WHERE USERID='ADMIN' AND PASSWORD = '1' 肯定什么数据都不会出来的. 但是下面还有一句UNION select * from [ADM] union select * from [ADM] where '1'='1' 而最后的1=1这个条件就是真,所以会把[ADM] 所有的数据都给抽出来.
麻烦采纳,谢谢!
麻烦采纳,谢谢!
select * from a union select * from b 能详细说下么
select count(1) from emp
SELECT
select * from book where 1=1
select*from ‘ * ’ 的意义?
select * from book limit ,
SELECT sum(1) FROM table;和SELECT count(1) FROM table;
SQL语句理解 select * from B where (select count(1) as num from A
select count(c) from (select b from TUserBankLogSum b group
select max(account_id ) from(select top 5 account_id from ac
select count(*) from table1 select count(*) from table2 sele
select * from teacher where s_id in(select s_id from student