当前位置:网站首页>SQL injection Less42 (POST type stack injection)
SQL injection Less42 (POST type stack injection)
2022-07-31 22:52:00 【HUAWEI CLOUD】
Pre-knowledge: SQL Injection Less38 (Stacked Injection)
The page of this question is similar to secondary injection, but we can't register users, so we can't use secondary injection.
White box audit, view code
$username = mysqli_real_escape_string($con1, $_POST["login_user"]);$password = $_POST["login_password"];Only the username is escaped, but not the password, so the password is a breakthrough
Test the password with a passcode' or 1=1#
But why do we enter admin but log in as Dumb.
Because the SQL here is
SELECT * FROM users WHERE username='admin' and password='' or 1=1 #' And the priority of and is higher than or.So this statement is equivalent to
select * from users where 1Then the result is the entire users table.And Dumb is in the first row, so it is Dumb that is logged in.
Use password for stack injection
Enter the username at will
Password';drop table users;
https://blog.csdn.net/weixin_43901998/article/details/107566100
边栏推荐
- Transfer Learning - Domain Adaptation
- A shortcut to search for specific character content in idea
- TestCafeSummary
- Talking about the algorithm security of network security
- 21. Support Vector Machine - Introduction to Kernel Functions
- MLP神经网络,GRNN神经网络,SVM神经网络以及深度学习神经网络对比识别人体健康非健康数据
- 「SDOI2016」征途 题解
- Several methods for deleting specified elements in Golang slices
- [QNX Hypervisor 2.2 User Manual]9.14 set
- I don't know what to do with sync issues
猜你喜欢
Dry goods | 10 tips for MySQL add, delete, change query performance optimization
Bionic caterpillar robot source code
Shell常用脚本:Nexus批量上传本地仓库增强版脚本(强烈推荐)
![[Code Hoof Set Novice Village 600 Questions] Merge two numbers without passing a character array](/img/4d/038e6cd6ecad19934122cff89f4d76.png)
[Code Hoof Set Novice Village 600 Questions] Merge two numbers without passing a character array
面试突击69:TCP 可靠吗?为什么?
Flink_CDC construction and simple use
Bika LIMS open source LIMS set - use of SENAITE (detection process)
focus on!Haitai Fangyuan joins the "Personal Information Protection Self-discipline Convention"
In Golang go-redis cluster mode, new connections are constantly created, and the problem of decreased efficiency is solved
Payment module implementation
随机推荐
ECCV 2022 Huake & ETH propose OSFormer, the first one-stage Transformer framework for camouflaging instance segmentation!The code is open source!...
#yyds dry goods inventory# Interview must brush TOP101: the entry node of the ring in the linked list
「SDOI2016」征途 题解
Shell常用脚本:Nexus批量上传本地仓库增强版脚本(强烈推荐)
Embedded development has no passion, is it normal?
VOT2021比赛简介
A few permanent free network transmission, convenient and simple (Intranet through tutorials)
The difference between adding or not adding the ref keyword when a variable of reference type is used as a parameter in a method call in C#
(26) About menu of the top menu of Blender source code analysis
HTC使用官方固件作为底包制作rom卡刷包教程
Unity-通过预制件和克隆方法动态实现各个UGUI下控件的创建和显示
In Golang go-redis cluster mode, new connections are constantly created, and the problem of decreased efficiency is solved
消息队列消息存储设计(架构实战营 模块八作业)
Fixed-length usage of nanopb string type based on RT1052 Aworks (27)
基于simulink的Passive anti-islanding-UVP/OVP and UFP/OFP被动反孤岛模型仿真
UVM RAL model and built-in seq
useragent online lookup
周总结
信息学奥赛一本通 1941:【07NOIP普及组】Hanoi双塔问题 | 洛谷 P1096 [NOIP2007 普及组] Hanoi 双塔问题
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none failed