1.查找注入點
2.猜解表名
3.猜解字段名的用戶和密碼段
4.猜解用戶和密碼
5得到前臺和後臺密碼
6.得到webshell
7.上傳文件
8.留web後門
http://www.51cnet.com/index.php?op=article&file=read&aid=46
http://www.51cnet.com/index.php?op=article&file=read&aid=137
http://www.sensepost.com/misc/SQLinsertion.htm
http://hackbase.com/News/59/20040830/7845.htm
http://hackbase.com/News/59/20040830/7845.htm
http://computer.mblogger.cn/sprite/posts/14051.aspx
http://www.enet.com.cn/eschool/inforcenter/A20040508307433.html