- 论坛徽章:
- 1
|
基本和tcpdump差不多,用pcap库
先贴几行结果测试下,由于单机,只能抓取 lo 接口,
filter condition: tcp dst port 3306
compile: Success
type->6,2008-12-29 00:41:34|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|select * from mysql.db
type->6,2008-12-29 00:41:42|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|update t set id=1 where id=1
type->6,2008-12-29 00:41:42|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|select * from t
type->6,2008-12-29 00:41:42|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|select * from t where id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id='1' and id=2 and id=10 or id like '%asdas%' and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id='1' and id=2 and id=10 or id like '%asdas%' and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and id=1 and
id=1 and id='1' and id=2 and id=987654321
type->6,2008-12-29 00:41:42|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|select * from t left join t2 using(id) where id=2
type->6,2008-12-29 00:41:42|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|insert into t(id) values(2)
type->6,2008-12-29 00:46:58|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|insert into t(id) values('你好')
type->6,2008-12-29 00:47:13|(ip_info->ip_off:64)10.5.5.101(th_info->doff:8)|insert into t(id) values('支持中文')
|
[ 本帖最后由 猪知猪之道 于 2008-12-29 00:48 编辑 ] |
|