Attacks caused by php-mysql sleep/benchmark injection

The sleep function

The benchmark function

Harm caused by the injection

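Suppose a MySQL-backed application has an injection point and the injected sleep statement is given a sufficiently large argument, for example sleep(9999999999). If the database uses the MyISAM engine and the injection point is in a statement that locks the table (insert, replace, update, delete), access to the entire table is blocked. If the database uses a master/slave architecture, synchronization between the Master and the Slave is blocked by the sleep statement, so the slave can no longer sync data from the master normally. Applications that depend on master/slave synchronization also stop working properly. Even if the injection point is only a read operation, a limited number of requests will quickly reach the database's max_connections limit, and the database will refuse service.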

How to fix it

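Disable MySQL's sleep function, or change its upper limit so that unreasonably long sleeps are rejected. The sleep function is rarely used in practice, and where a delay really is needed it can be implemented in an external application. Configure wait_timeout (it is recommended that the value not be too small (10 is enough), otherwise you may run into problems such as "MySQL has gone away").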

The same principle applies to the benchmark function.
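
The fix above comes down to rejecting unreasonably long delays. As an added example (not code from the original post), the following Python check scans logged SQL statements for SLEEP() and BENCHMARK() calls whose argument exceeds a limit or is not a plain number. The limits, function names and sample statements are assumptions constructed for this illustration.

```python
import re

# Assumed policy limits for this example; tune them for your workload.
MAX_SLEEP_SECONDS = 5
MAX_BENCHMARK_LOOPS = 1_000_000

_VERSIONED = re.compile(r"/\*!\d*(.*?)\*/", re.S)  # /*!50000 ... */ bodies are executed by MySQL
_COMMENT = re.compile(r"/\*.*?\*/", re.S)           # ordinary comments are ignored by MySQL
_CALL = re.compile(r"\b(sleep|benchmark)\s*\(\s*([^,)]*)", re.I)
_NUMBER = re.compile(r"\d+(\.\d+)?")


def find_delay_calls(sql):
    """Return (function, first argument) for each SLEEP()/BENCHMARK() call."""
    flat = _VERSIONED.sub(r" \1 ", sql)  # keep the body MySQL would run
    flat = _COMMENT.sub(" ", flat)       # so sleep/**/(10) is matched like sleep(10)
    return [(m.group(1).lower(), m.group(2).strip()) for m in _CALL.finditer(flat)]


def is_suspicious(sql):
    """True if a delay call is over the limit or its argument is not a literal."""
    for func, arg in find_delay_calls(sql):
        if not _NUMBER.fullmatch(arg):
            return True                  # computed argument: cannot be bounded here
        limit = MAX_SLEEP_SECONDS if func == "sleep" else MAX_BENCHMARK_LOOPS
        if float(arg) > limit:
            return True
    return False


def flag_queries(queries):
    """Return the statements that should raise an alert."""
    return [q for q in queries if is_suspicious(q)]


# Constructed sample statements, as they might appear in a query log.
SAMPLE_QUERIES = [
    "SELECT title FROM news WHERE id = 7",
    "UPDATE news SET hits = hits + 1 WHERE id = 7 AND sleep(9999999999)",
    "SELECT title FROM news WHERE id = 7 AND SLEEP/**/(0.5)",
    "SELECT title FROM news WHERE id = 7 AND /*!50000 sleep(30) */",
    "SELECT benchmark(50000000, md5('x'))",
    "SELECT title FROM news WHERE id = 7 AND sleep((SELECT 1))",
]

if __name__ == "__main__":
    for query in flag_queries(SAMPLE_QUERIES):
        print("ALERT:", query)
```
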

For details, see: http://www.wooyun.org/bugs/wooyun-2010-04489
