[英]SQL injection to drop/empty table
I am trying to drop/empty table using user inputs.我正在尝试使用用户输入删除/清空表。
My SQL code is $sql = "SELECT * FROM users WHERE username = '$username' and password = '$password'"
;我的 SQL 代码是$sql = "SELECT * FROM users WHERE username = '$username' and password = '$password'"
;
I am typing or 1=1#
to login without username and password which works perfectly!我正在输入or 1=1#
以在没有用户名和密码的情况下登录,这非常有效!
Any idea how can I drop/empty the contain of table (users)?知道如何删除/清空表(用户)的包含吗?
I have tried so may ways like:我已经尝试过这样的方法:
or DROP TABLE users
; or DROP TABLE users
; or DROP TABLE users
; or DROP TABLE users
; or DROP TABLE users
The SQL injection that you are trying to do use the closing of the request, by closing the argument with '
.您尝试执行的 SQL 注入使用关闭请求,方法是使用'
关闭参数。 So, you should begin by closing the actual ' before trying to do something else.因此,您应该先关闭实际的 ',然后再尝试做其他事情。
For example:例如:
SELECT * FROM users WHERE username = ''; here do what you want;'';
Here, the name was '; here do what you want;'
在这里,名字是'; here do what you want;'
'; here do what you want;'
. . Composed of:由...组成的:
'
closing WHERE
section '
关闭WHERE
部分;
closing the request that is sensitive to SQL injection关闭对 SQL 注入敏感的请求DROP TABLE users;
你SQL请求,为你DROP TABLE users;
'
to re-open what we closed at the begin '
重新打开我们在开始时关闭的内容I found the solution: I used query() instead of multi_query()我找到了解决方案:我使用 query() 而不是 multi_query()
multi_query() can take more than one queries at one time. multi_query() 一次可以接受多个查询。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.