SQL 注入无法正常工作 [英] SQL injection is not working correctly

问题描述

我正在尝试在我的本地主机上为安全测试项目创建的虚拟网站上执行 SQL 注入.

I'm trying to perform an SQL injection on a dummy website created on my localhost for a security testing project.

我尝试在用户名和密码字段中输入字符串 " OR "='，因此它应该绕过它并显示 Login Correct - 但它显示的是 登录失败

I tried to enter the string " OR "=' into the username and password field so it should bypass it and display Login Correct - But instead it displays login failed

有助于理解为什么 SQL 注入不起作用

Any help to understand why SQL injection is not working

<?php
    mysql_connect('localhost', 'root', '');
    mysql_select_db('test');

    if(isset($_POST['username'])&&isset($_POST['password'])){
       $username =$_POST['username'];
       $password = $_POST['password'];
       echo $username;
       echo $password;

       if(!empty($username)&&!empty($password)){
          $query ="SELECT id FROM users WHERE username = '$username' AND password = '$password'";
          $query_run = mysql_query($query);

          if(mysql_num_rows($query_run)>=1){
              echo 'Login Correct';
          }else{
              echo 'Login Failed';
          }
       }
    }
?>
<form action="test.php" method="POST">
   Username: <input type="text" name="username">
   Password: <input type="text" name="password">
   <input type="submit" value="Submit">
</form>

推荐答案

你的注入字符串应该是这样的:
用户名和密码:

Your injection string should be like this:
Username and password:

' or '1' = '1

用户名(通常)或密码:(这取决于查询中的第一个)
# 评论查询的其余部分.

Username (often) or password: (It depends on which one come first in the query)
# comments rest of the query.

' or '1'='1' #

有关 SQL 注入的更多信息，您可以查看这个完美的 url:
SQL注入知识库

For more information about SQL injection, you can check out this perfect url:
The SQL Injection Knowledge Base

这篇关于SQL 注入无法正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！