当前位置:网站首页>SQL injection Less42 (POST type stack injection)
SQL injection Less42 (POST type stack injection)
2022-07-31 22:52:00 【HUAWEI CLOUD】
Pre-knowledge: SQL Injection Less38 (Stacked Injection)
The page of this question is similar to secondary injection, but we can't register users, so we can't use secondary injection.
White box audit, view code
$username = mysqli_real_escape_string($con1, $_POST["login_user"]);$password = $_POST["login_password"];Only the username is escaped, but not the password, so the password is a breakthrough
Test the password with a passcode' or 1=1#
But why do we enter admin but log in as Dumb.
Because the SQL here is
SELECT * FROM users WHERE username='admin' and password='' or 1=1 #' And the priority of and is higher than or.So this statement is equivalent to
select * from users where 1Then the result is the entire users table.And Dumb is in the first row, so it is Dumb that is logged in.
Use password for stack injection
Enter the username at will
Password';drop table users;
https://blog.csdn.net/weixin_43901998/article/details/107566100
边栏推荐
- 标段参数说明
- [QNX Hypervisor 2.2用户手册]9.16 system
- Handwritten a simple web server (B/S architecture)
- Several methods for deleting specified elements in Golang slices
- Implementing a Simple Framework for Managing Object Information Using Reflection
- In Golang go-redis cluster mode, new connections are constantly created, and the problem of decreased efficiency is solved
- Fixed-length usage of nanopb string type based on RT1052 Aworks (27)
- "SDOI2016" Journey Problem Solution
- Commonly used security penetration testing tools (penetration testing tools)
- VOT2021 game introduction
猜你喜欢
Go1.18 upgrade function - Fuzz test from scratch in Go language
基于simulink的Active anti-islanding-AFD主动反孤岛模型仿真
20. Support vector machine - knowledge of mathematical principles
Judging decimal points and rounding of decimal operations in Golang
Flex layout in detail
UOS统信系统 - WindTerm使用
The article you worked so hard to write may not be your original
面试突击69:TCP 可靠吗?为什么?
Qualcomm cDSP simple programming example (to query Qualcomm cDSP usage, signature), RK3588 npu usage query
![[Code Hoof Set Novice Village 600 Questions] Merge two numbers without passing a character array](/img/4d/038e6cd6ecad19934122cff89f4d76.png)
[Code Hoof Set Novice Village 600 Questions] Merge two numbers without passing a character array
随机推荐
UserAgent resolution
Qualcomm cDSP simple programming example (to query Qualcomm cDSP usage, signature), RK3588 npu usage query
hboot and recovery, boot.img, system.img
周总结
MATLAB program design and application 2.4 Common internal functions of MATLAB
How to reduce the gap between software design and implementation
手写一个简单的web服务器(B/S架构)
Pytest first experience
One thing to say, is outsourcing company worth it?
Input and output optimization
消息队列消息存储设计(架构实战营 模块八作业)
Audio alignment using cross-correlation
UVM RAL model and built-in seq
22年8月推广大使额外奖励规则
A solution to the server encountered an internal error that prevented it from fulfilling this request [easy to understand]
"SDOI2016" Journey Problem Solution
How to debug TestCafe
Shell常用脚本:Nexus批量上传本地仓库增强版脚本(强烈推荐)
【Acwing】The 62nd Weekly Game Solution
grep command written test questions