关于sql注入
删除表,先猜表名,可以使用下面的语名:
|
Select * from A where A.a = ‘testdata’; drop table A---’; |
If a field only allow number, give it a String or others 假如一个字段仅仅只允许使用一个数字,传给他一个字符串或者其它类型。
Use ‘OR 1=1’, get all records in query function 使用‘or 1=1’ 能得到所有的查询记录
|
Select * from A where A.a = ‘testdata’ OR ‘1’=’1’; |
In login function, give user name field like ‘username’--’, “--’ and A.password = ‘’” is commented
在登录功能,给用户传 ‘username’--’, “--’ and A.password = ‘’”
|
Select * from user A where A.username = ‘username’--’ and A.password = ‘’; |
Adding records function, if there is 4 fields in this table, add 5 fields, eg.
添加 一条记录,假如这条表只有4个字段,那就多加一个字段
|
Normal: Insert into table A values(‘’,’’,’’,’’); Test Data: Insert into table A values(‘’,’testdata’,’’,’’,’’); |
Input test data in or out of this field data
Add single quotation marks and semicolon, and break off string splicing, this is similar with point 4
|
Update table A set A.a = ‘testdata’;--’ |
Yellow partis test data we input
最新文章
- 关于在BAE上部署ThinkPHP框架的问题
- mysql的从头到脚优化之数据库引擎的选择(转载)
- onload是代码在也买你的追加元素的完成,而不是http请求的完成
- Effective Java之最佳建议
- MEF依赖注入调试小技巧!
- android-'Using 1.7 requires compiling with Android 4.4 (KitKat); currently using API 8'
- python笔记——第二天
- demo说明
- 使用BeanUtils类实现DTO之间的同名属性复制
- YOLO v3
- 7-10 多项式A除以B (25 分)
- this inspection detects names that should resolved but don't. Due to dynamic dispatch and duck typing, this is possible in a limited but useful number of cases. Top-level and class-level items are sup
- PHP之缓存雪崩,及解决方法(转)
- 64位版本为什么叫amd64,而不是intel64
- 【作业三】结队任务二-----CourseManagement
- JavaScript 第九章总结
- 外购半成品报SHORT问题(验货客户)
- 【代码审计】iCMS_v7.0.7 search.admincp.php页面存在SQL注入漏洞
- redis环境搭建与配置
- 数据库中的html在页面上显示