现在有一条SQL是这样的:
SELECT * FROM member WHERE username = params LIMIT 1
params是一个用户输入的变量,假设我已知所有库表字段,且只能执行一条SQL语句的情况下(项目的ORM执行的),params的值怎么填,会变成对数据库/数据表/表数据 有害的一条SQL
当前位置:网站首页>怎样做才能让这条SQL变成一条危险的SQL?
怎样做才能让这条SQL变成一条危险的SQL?
2022-08-01 23:11:00 【segmentfault】
其他答案1:
SELECT * FROM member WHERE username = "params" LIMIT 1params = '" or (delete * from member) or username="';
拼合就变成了SELECT * FROM member WHERE username = "" or (delete * from member) or username="" LIMIT 1
但是这是理论情况,实际上大部分框架都内置了一些处理,不是那么容易注入的,比如变量中的双引号自动做转义,这样就变成SELECT * FROM member WHERE username = "\" or (delete * from member) or username=\"" LIMIT 1,然后无害了。
简单来说,不要自己去拼SQL,而是利用对象提供的方法去处理就好了。php不是一般都$query->from('member')->where('username', params)->fetch()这样吗。
其他答案2:
SQL注入啊,用 预编译 解决
边栏推荐
猜你喜欢
DRF generating serialization class code
联邦学习的框架搭建
cmd指令
解决yolov5训练时出现:“AssertionError: train: No labels in VOCData/dataSet_path/train.cache. Can not train ”
联邦学习在金融领域的发展和应用
System availability: 3 9s, 4 9s in SRE's mouth... What is it?
SRv6 L3VPN的工作原理
请问什么是 CICD
From 0 to 1: Design and R&D Notes of Graphic Voting Mini Program
xctf attack and defense world web master advanced area web2
随机推荐
chrome copies the base64 data of an image
PHP算法之有效的括号
excel split text into different rows
华为无线设备配置双链路冷备份(AP指定配置方式)
从0到1:图文投票小程序设计与研发笔记
D - Linear Probing- 并查集
Create virtual environments with virtualenv and Virtualenvwrapper virtual environment management tools
ROS2初级知识(8):Launching启动多节点
IDEA入门看这一篇就够了
xctf attack and defense world web master advanced area web2
联邦学习在金融领域的发展和应用
Postman batch test interface detailed tutorial
对于在新标签页中打开的链接,始终使用“noopener”或“noreferrer”
excel clear format
PHP算法之最接近的三数之和
最短路模板
From 0 to 100: Notes on the Development of Enrollment Registration Mini Programs
UML diagram of soft skills
Access the selected node in the console
npm npm