利用SQL Server的注入漏洞实现猜解数据库名，表名，字段名及记录的信息，由于网速的原因，目前限制了只能同时猜解前5个字段值的记录信息。另外实现了三种方式执行系统命令，同时可回显显示。-use SQL Server injection vulnerability achieve guess Solutions database name, table names, field names and the information recorded, the speed network, currently restricts the solution can only guess the same time, the former five field value of the recorded information. Another three ways to achieve the implementation of system orders, which can also be marked to show.