[英]mysql_query inject - replace returned field
im trying to learn and understand mysql inject, i have created demo case. 我试图学习和理解mysql注入,我创建了演示案例。
SELECT ret_variable FROM data WHERE name = '".$name."' AND age = ".$age;
then if(ret_variable == 2){something}
but query originally returns 1 and i need to force it to output 2 然后if(ret_variable == 2){something}
但查询最初返回1,我需要强制其输出2
How to modify $age
variable to set custom output field for ret_variable
(only in response) ? 如何修改$age
变量以设置ret_variable
自定义输出字段(仅在响应中)? I have tried few ways with OR but didn't wroked. 我用OR尝试了几种方法,但没有惊慌。
I see no practical application other than learning. 除了学习,我看不到任何实际的应用。 I assume since you know the code , you have permission to test this out. 我假设由于您知道代码,因此您有权进行测试。 So let's give it a go! 因此,让我们一起去吧!
You can only return a 2 for the ret_variable when there is a row in the database with a value of 2 as the ret_variable and you know the name value of that row. 仅当数据库中有行的ret_variable值为2并且您知道该行的名称值时,才可以为ret_variable返回2。 You can for instance enter that name and the following to bypass the correct value for the age. 例如,您可以输入该名称和以下内容来绕过年龄的正确值。
age AND ret_value = 2 年龄AND ret_value = 2
That would create the following query: 这将创建以下查询:
SELECT ret_variable FROM data WHERE name = 'John' AND age = age AND ret_value = 2;
The principle of mysql injection is this sort of manipulation of the query. mysql注入的原理是对查询的这种操纵。 But you can not force a value which is returned unless there is a row in the database with this value for ret_variable and you can somehow select this row. 但是,除非数据库中有一行包含ret_variable的该值,并且您可以以某种方式选择此行,否则您不能强制返回该值。
When you don't know the name (or there is no record of your known name with a ret_variable of 2) it is not possible. 如果您不知道名称(或者没有ret_variable为2的已知名称记录),则不可能。
Since the AND operator has precedence over the OR operator you cannot manipulate the query to give a 2 as ret_variable. 由于AND运算符的优先级高于OR运算符,因此您无法操纵查询以将ret_variable设为2。 This is because the name = '?' 这是因为名称='?' part will always fail. 部分将永远失败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.