SQL injection database operation foundation

1. Connect to database

Enter the command ：mysql -u root -p

1. Display all database names in the system

Enter the command ：show databases;

1. New database student

command ：create database student;

View results ：show databases;

1. Using a database student

command ：use student;

1. In the database student Create a table result

command ：create table result(id int(8),name varchar(20),city varchar(20),score int(5));

1. In the table result Add data to

stay result Insert five rows of data ：

command ：insert into result(id,name,city,score) values(1,"wang", "beijing",75);

insert into result(id,name,city,score) values(1,"li", "shanghai",80);

insert into result(id,name,city,score) values(5,"chen", "fuzhou",70);

insert into result(id,name,city,score) values(2,"zhou", "xian",90);

insert into result(id,name,city,score) values(7,"han", "guangzhou",65);

After successful insertion , use select * from result; Command query result Everything in the table ：

1. In the table result Delete in 1 Data

Delete id=7 The data of

Commands available ：delete from result where id=7;

View the results after deletion ：select * from result;

1. Modify table result Medium 1 Data

modify id=5 The data of , Put it score Set to 60

command ：update result set score=60 where id=5;

View the results after successful modification ：select * from result;

1. Query table result Data in

command ：select * from result;// All fields in the query table

select name,score from result;

// Look up name and score Field

select score from result where name="li";

// see name by li Credits of students

The second part ：Mysql（MariaDB） Advanced operation

1. order by Usage of

1. take result The data in the table is calculated according to the score （score） Sort from high to low ：

command ：select * from result order by score desc;

among ,desc Representation of descending order （ Decline ）; If from low to high （ Arrange in ascending order ）, Then you can put desc

Switch to asc; If you don't add this parameter , By default, they are arranged in ascending order

1. Try the following commands ：

select id,name,score from result order by 1;

Normal display with id The result of ascending order .

select id,name,score from result order by 2;

Normal display with name The result of ascending order .

1. limit Usage of

The basic format is ：

limit M,N

// Says from the first M+1 Data starts Query down in sequence N Data

limitM

// Indicates before query M Data

Try to perform the following two tasks

select *  from result limit 0,2;

// The first... In the query table 2 Data

select id,name ,score from result limit 1,3;

// From 2 This data starts from , Look down 3 Of data id、name and score Field

3. union select Usage of

(1) select * from result union select 1,2,3,4;

The query result of this statement , That is select * from result and select 1,2,3,4 Splicing of query results .

(2） Try the following 3 statement :

select id,name ,score from result union select 1,2,3;

Normal display !

select id,name ,score from result union select 1,2;

Report errors ！

select id,name ,score from result union select 1,2,3,4;

Report errors ！

From the above results, we can sum up , For the following commands :

select c1,c2,. . . ,cn from result union select d1,d2, . . .dm;

The second half of the sentence union select Number of fields queried (m） Must be the same as the first half of the sentence select Number of fields queried （n

equal , The database can display the results normally . And order by be similar , This feature can be used to judge the number of fields queried in the database .

(3） Try the following statement

select id,city from result where id=1 and 1=2 union select name ,score from result;

From the above results, we can sum up , When the field name is known , An attacker simply places the field anywhere it can be displayed , You can expose the value of this field .

4. union select combination information_schema database

MySQL (MariaDB)5.5 The above version comes with information_schema database , It's about MySQL Information about all other databases maintained by the server , Such as database name 、 Table of database 、

Data type and access right of table column . You can put information_schema Database as MySQL

(MariaDB） Of “ Catalog "!

(1） Try to execute the following two statements :

show databases ;

select schema_name from information_schema.schemata;

The execution results of the two statements are the same ！