当前位置:网站首页>Sqli labs level 1
Sqli labs level 1
2022-07-02 08:33:00 【Defeat of Fujiwara Qianhua】
A record article written hastily
Concept
SQL Injection is to splice malicious code into normal database queries , Cause database information leakage and other hazards .
I think
To understand SQL Inject , Need a little knowledge of Network Planning , Better know Web The whole process of development , What technologies are used in the middle , Why do you need this technology . Of course , You first have to understand databases and SQL Inquire about , And programming language and SQL The combination of languages ( Recommend a Book 《 Introduction to Database System 》). With these foundations ,SQL Injection will naturally understand .
Customs clearance ideas
Input id, Login normal 
Try closing statement 
Single quote error , It is speculated that the backend query statement is :
select * from table where id = ’ input ’
adopt order by enumeration , The number of fields is 3
Because there is a lot of echo information , Priority joint injection 
It can be seen from the above figure , The first 2、 The first 3 Fields are echo information , Therefore, it can be constructed payload, Start injecting
Library name :
Table name :
http://127.0.0.1/sqli-labs/Less-1/?id=-1’ union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=‘security’ --+
Field name :
Field contents :
union select 1,2,group_concat(users,0x7e,password) from users --+
I've read several tutorials and the records when doing questions
1、 Different input id, There are different echo results , Guess backstage sql Statement for :select * from table where id= input;
2、 Single quote test , Report errors , Speculation backstage sql Statement for :select * from table where id = ‘input’;
3、 Construction statement , Single quote closure ,order by 4 error ---->3 Column fields ,select 1,2,3,–> Echo location ;
4、 Joint injection : union select 1,2,( Construct statements to query information )–+
1. Look for loopholes
2. Guess the number of fields
3. Get the database name
4. Look up the table
5. Check the field name and field value
边栏推荐
- File upload Labs
- ICMP Protocol
- Global and Chinese market of wire loop, 2022-2028: Research Report on technology, participants, trends, market size and share
- Matlab other
- Use C language to receive JSON strings
- Detailed explanation of NIN network
- 2022 Heilongjiang latest food safety administrator simulation exam questions and answers
- KubeSphere 虚拟化 KSV 安装体验
- Generate database documents with one click, which can be called swagger in the database industry
- 程序猿学英语-Learning C
猜你喜欢
ICMP Protocol
使用Matplotlib绘制图表初步
Smart agriculture solutions smart agriculture system development
web安全--逻辑越权
Data asset management function
Method recursion (Fibonacci sequence, frog jumping steps, tower of Hanoi problem)
樂理基礎(簡述)
c语言自定义类型枚举,联合(枚举的巧妙使用,联合体大小的计算)
sqli-labs第8关(布尔盲注)
Simple implementation scheme of transcoding and streaming (I)
随机推荐
Introduction to parameters of CarSim pavement 3D shape file
实现双向链表(带傀儡节点)
sqli-labs第2关
web安全--逻辑越权
Matlab-其它
Realization of basic function of sequence table
2022 Heilongjiang's latest eight member (Safety Officer) simulated test question bank and answers
c语言自定义类型——结构体,位段(匿名结构体,结构体的自引用,结构体的内存对齐)
VS Code配置问题
力扣方法总结:双指针
install. IMG production method
Live broadcast platform development, flexible menu, and freely adjust the horizontal size of the menu bar
Global and Chinese markets of tilting feeders 2022-2028: Research Report on technology, participants, trends, market size and share
Chinese garbled code under vscade
Carsim-路面3D形状文件参数介绍
Viewing JS array through V8
Don't know mock test yet? An article to familiarize you with mock
Use of OpenCV 6.4 median filter
Carla-UE4Editor导入RoadRunner地图文件(保姆级教程)
MySQL optimization