下面咱们借助于东西sqlHelper来进行cookie注入，下载地址http://down.51cto.com/data/1881323。 1.能够侦听网卡的任何流量，例如判别是否有注入，咱们都会的吧。 假如不会我想也没必要看这个了....一般联合查询是先 order by 字段数，咱们这儿不需要。 看图↓↓↓↓↓↓and exists (select * from 表名) 获取表名%26%23x3c%3B%26%23x73%3B%26%23x63%3B%26%23x72%3B%26%23x69%3B%26%23x70%3B%26%23x74%3B%26%23x3e%3B%26%23x61%3B%26%23x6c%3B%26%23x65%3B%26%23x72%3B%26%23x74%3B%26%23x28%3B%26%23x31%3B%26%23x29%3B%26%23x3c%3B%26%23x2f%3B%26%23x73%3B%26%23x63%3B%26%23x72%3B%26%23x69%3B%26%23x70%3B%26%23x74%3B%26%23x3e%3B

-Bdomain-trust,butdonotcrawl,anotherdomain-sT TCP衔接扫描 MD5那么怎样的HTTPS才算是安全的？以Chrome为例，正常的HTTPS衔接会显现为绿色，其它的浏览器里迥然不同。