Sqli labs level 1
2022-07-02 08:33:00 【Defeat of Fujiwara Qianhua】
A hastily written record of the exercise.
Concept
SQL injection splices malicious code into a normal database query, causing database information leakage and other harm.
I think
To understand SQL injection, you need a little knowledge of network planning, and it is better to know the whole process of web development: which technologies are used along the way and why each one is needed. Of course, you first have to understand databases and SQL queries, and how a programming language is combined with SQL (I recommend the book "Introduction to Database System"). With these foundations, SQL injection becomes easy to understand.
Walkthrough approach
Enter an id: the login information is displayed normally.
Try to close the statement.
A single quote causes an error, so the backend query statement is presumably:
select * from table where id = 'input'
Enumerating with order by shows that the number of fields is 3.
Because the page echoes a lot of information, union-based injection is the first choice.
As the figure above shows, the 2nd and 3rd fields are echoed, so a payload can be constructed and the injection can begin.
Database name:
Table name:
http://127.0.0.1/sqli-labs/Less-1/?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='security' --+
Field name:
Field contents:
union select 1,2,group_concat(users,0x7e,password) from users --+
Notes from reading several tutorials and from working through the exercises
1. Different id inputs give different echoed results, so the backend SQL statement is presumably: select * from table where id = input;
2. Testing with a single quote produces an error, so the backend SQL statement is presumably: select * from table where id = 'input';
3. Construct a statement that closes the single quote: order by 4 gives an error, so there are 3 columns; select 1,2,3 shows the echo positions;
4. Union injection: union select 1,2,(constructed statement that queries the information) --+
The overall steps:
1. Find the vulnerability
2. Guess the number of fields
3. Get the database name
4. Look up the tables
5. Check the field names and field values
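The backend query guessed in steps 1 and 2 above, next to a parameterized version, as an added example that is not part of the original post or of sqli-labs. SQLite stands in for the lab's MySQL database, and the table contents, function names and sample inputs are constructed for illustration.

```python
import sqlite3

# Constructed input following the union pattern used in the walkthrough.
UNION_INPUT = "-1' union select 1, username, password from users -- "

def make_db():
    """Constructed sample data; SQLite is an assumption standing in for MySQL."""
    db = sqlite3.connect(":memory:")
    db.execute("create table users (id integer, username text, password text)")
    db.executemany("insert into users values (?, ?, ?)",
                   [(1, "alice", "pw-alice"), (2, "bob", "pw-bob")])
    return db

def lookup_concat(db, user_id):
    """Vulnerable form: the input is spliced into the SQL text (the guessed query)."""
    sql = "select * from users where id = '" + user_id + "' limit 1"
    return db.execute(sql).fetchall()

def lookup_bound(db, user_id):
    """Hardened form: the input is bound as a parameter and never parsed as SQL."""
    sql = "select * from users where id = ? limit 1"
    return db.execute(sql, (user_id,)).fetchall()

def probe(lookup, db, user_id):
    """Return the rows, or 'sql error' when the statement fails to parse."""
    try:
        return lookup(db, user_id)
    except sqlite3.OperationalError:
        return "sql error"

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "'", UNION_INPUT):
        print(repr(value))
        print("  concatenated:", probe(lookup_concat, db, value))
        print("  parameterized:", probe(lookup_bound, db, value))
```

With the concatenated query, the lone quote changes the statement's syntax and the union input changes its result set; with the bound parameter both are compared against id as plain data and match nothing.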