当前位置:网站首页>SQL injection Less42 (POST type stack injection)
SQL injection Less42 (POST type stack injection)
2022-07-31 22:52:00 【HUAWEI CLOUD】
Pre-knowledge: SQL Injection Less38 (Stacked Injection)
The page of this question is similar to secondary injection, but we can't register users, so we can't use secondary injection.
White box audit, view code
$username = mysqli_real_escape_string($con1, $_POST["login_user"]);$password = $_POST["login_password"];Only the username is escaped, but not the password, so the password is a breakthrough
Test the password with a passcode' or 1=1#
But why do we enter admin but log in as Dumb.
Because the SQL here is
SELECT * FROM users WHERE username='admin' and password='' or 1=1 #' And the priority of and is higher than or.So this statement is equivalent to
select * from users where 1Then the result is the entire users table.And Dumb is in the first row, so it is Dumb that is logged in.
Use password for stack injection
Enter the username at will
Password';drop table users;
https://blog.csdn.net/weixin_43901998/article/details/107566100
边栏推荐
- Commonly used security penetration testing tools (penetration testing tools)
- [Code Hoof Set Novice Village 600 Questions] Merge two numbers without passing a character array
- 程序进程和线程(线程的并发与并行)以及线程的基本创建和使用
- HTC using official firmware as bottom bag made ROM brush card bag tutorial
- 二叉树非递归遍历
- IJCAI2022 | 代数和逻辑约束的混合概率推理
- (26)Blender源码分析之顶层菜单的关于菜单
- HTC使用官方固件作为底包制作rom卡刷包教程
- A high-quality WordPress download site template theme developed abroad
- Pytest初体验
猜你喜欢
flowable workflow all business concepts
不知道该怎么办的同步问题
什么是客户画像管理?
IDA PRO中汇编结构体识别
基于单片机GSM的防火防盗系统的设计
Document management and tools in the development process
Network security - crack WiFi through handshake packets (detailed tutorial)
Judging decimal points and rounding of decimal operations in Golang
【Acwing】The 62nd Weekly Game Solution
Student management system on the first day: complete login PyQt5 + MySQL5.8 exit the operation logic
随机推荐
The difference between adding or not adding the ref keyword when a variable of reference type is used as a parameter in a method call in C#
cas and spin locks (is lightweight locks spin locks)
数据分析(一)——matplotlib
The difference between adding or not adding the ref keyword when a variable of reference type is used as a parameter in a method call in C#
HTC使用官方固件作为底包制作rom卡刷包教程
Istio introduction
SQL注入 Less47(报错注入) 和Less49(时间盲注)
AI automatic code writing plugin Copilot (co-pilot)
Recognize anomalies (you will understand after reading this)
Pytorch lstm time series prediction problem stepping on the pit "recommended collection"
Student management system on the first day: complete login PyQt5 + MySQL5.8 exit the operation logic
基于单片机GSM的防火防盗系统的设计
「SDOI2016」征途 题解
focus on!Haitai Fangyuan joins the "Personal Information Protection Self-discipline Convention"
Drawing process of hand-drawn map of scenic spots
[Code Hoof Set Novice Village 600 Questions] Leading to the combination of formulas and programs
[QNX Hypervisor 2.2用户手册]9.15 suppress
Pytest初体验
#yyds干货盘点# 面试必刷TOP101:链表中环的入口结点
HTC using official firmware as bottom bag made ROM brush card bag tutorial