求助如何把这串数据流代码转换成普通字符串?
代码如下:0x4400650063006C0061007200650020004000540020005600610072006300680061007200280032...
代码如下:
0x4400650063006C0061007200650020004000540020005600610072006300680061007200280032003500350029002C0040004300200056006100720063006800610072002800320035003500290020004400650063006C0061007200650020005400610062006C0065005F0043007500720073006F007200200043007500720073006F007200200046006F0072002000530065006C00650063007400200041002E004E0061006D0065002C0042002E004E0061006D0065002000460072006F006D0020005300790073006F0062006A006500630074007300200041002C0053007900730063006F006C0075006D006E00730020004200200057006800650072006500200041002E00490064003D0042002E0049006400200041006E006400200041002E00580074007900700065003D00270075002700200041
这是我网站IIS日志中SQL脚本注入的一部分代码,分析结果为SQL数据流注入代码,但上面的代码一直不知道如何转换成普通字符串(SQL)代码,希望高手帮忙!万分感谢!另外深恶痛疾那些注入者! 展开
0x4400650063006C0061007200650020004000540020005600610072006300680061007200280032003500350029002C0040004300200056006100720063006800610072002800320035003500290020004400650063006C0061007200650020005400610062006C0065005F0043007500720073006F007200200043007500720073006F007200200046006F0072002000530065006C00650063007400200041002E004E0061006D0065002C0042002E004E0061006D0065002000460072006F006D0020005300790073006F0062006A006500630074007300200041002C0053007900730063006F006C0075006D006E00730020004200200057006800650072006500200041002E00490064003D0042002E0049006400200041006E006400200041002E00580074007900700065003D00270075002700200041
这是我网站IIS日志中SQL脚本注入的一部分代码,分析结果为SQL数据流注入代码,但上面的代码一直不知道如何转换成普通字符串(SQL)代码,希望高手帮忙!万分感谢!另外深恶痛疾那些注入者! 展开
展开全部
写了个简单的C程序来转换,也许有别的更简单的办法。
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char* argv[])
{
char *buf = "004400650063006C00610072006500200040005400200056006100720063"
"00680061007200280032003500350029002C00400043002000560061007200630068"
"00610072002800320035003500290020004400650063006C00610072006500200054"
"00610062006C0065005F0043007500720073006F007200200043007500720073006F"
"007200200046006F0072002000530065006C00650063007400200041002E004E0061"
"006D0065002C0042002E004E0061006D0065002000460072006F006D002000530079"
"0073006F0062006A006500630074007300200041002C0053007900730063006F006C"
"0075006D006E00730020004200200057006800650072006500200041002E00490064"
"003D0042002E0049006400200041006E006400200041002E00580074007900700065"
"003D00270075002700200041";
int i, len = strlen(buf);
for (i = 0; i < len; i+= 4)
{
int c;
sscanf(buf+i, "%04X", &c);
printf("%c", c);
}
system("pause");
return 0;
}
你这段数据流好像不全,我翻译出来的结果是:
Declare @T Varchar(255),@C Varchar(255) Declare Table_Cursor Cursor For Select A.Name,B.Name From Sysobjects A,Syscolumns B Where A.Id=B.Id And A.Xtype='u' A
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char* argv[])
{
char *buf = "004400650063006C00610072006500200040005400200056006100720063"
"00680061007200280032003500350029002C00400043002000560061007200630068"
"00610072002800320035003500290020004400650063006C00610072006500200054"
"00610062006C0065005F0043007500720073006F007200200043007500720073006F"
"007200200046006F0072002000530065006C00650063007400200041002E004E0061"
"006D0065002C0042002E004E0061006D0065002000460072006F006D002000530079"
"0073006F0062006A006500630074007300200041002C0053007900730063006F006C"
"0075006D006E00730020004200200057006800650072006500200041002E00490064"
"003D0042002E0049006400200041006E006400200041002E00580074007900700065"
"003D00270075002700200041";
int i, len = strlen(buf);
for (i = 0; i < len; i+= 4)
{
int c;
sscanf(buf+i, "%04X", &c);
printf("%c", c);
}
system("pause");
return 0;
}
你这段数据流好像不全,我翻译出来的结果是:
Declare @T Varchar(255),@C Varchar(255) Declare Table_Cursor Cursor For Select A.Name,B.Name From Sysobjects A,Syscolumns B Where A.Id=B.Id And A.Xtype='u' A
本回答由提问者推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
