如何测试我的PHP MySQL注入示例? [英] How can I test my PHP MySQL injection example?

问题描述

我想在登录示例中使用PHP/Mysql注入，下面是我的代码.

I want to use PHP/Mysql injection with a login example, my code is below.

我尝试使用用户名anything' --和一个空密码，但是它不起作用，并且我无法登录.

I have tried with a username of anything' -- and an empty password but it doesn't work and I couldn't log in.

有人可以帮我吗?

<?php
mysql_connect('localhost','root','root');
mysql_select_db('hp');
?>

<form action="" method="post">
<table width="50%">
    <tr>
        <td>User</td>
        <td><input type="text" name="user"></td>
    </tr>
    <tr>
        <td></td>
        <td><input type="text" name="password"></td>
    </tr>
</table>
    <input type="submit" value="OK" name="s">
</form>

<?php
if($_POST['s']){
    $user = $_POST['user'];
    $pass = $_POST['password'];     
    $re = mysql_query("select * from zend_adminlist where user_name = '$user' and password = '$pass'");

    if(mysql_num_rows($re) == 0){       
        echo '0';
    }else{
        echo '1';
    }
}
?>

推荐答案

最常见的示例之一是此查询:

One of the most common examples is this query:

' or '1'='1

如果您将此用户名和密码输入此用户名和密码，则查询更改如下:

If you enter this as the username and password into some unsanitized login input the query changes like so:

Original: SELECT * FROM USERS WHERE USER='' AND PASS='';
Modified: SELECT * FROM USERS WHERE USER='' or '1'='1' AND PASS='' or '1'='1';

这将使每件事物都为真，因为1始终等于1.此方法的问题是不允许选择特定用户.这样做，您需要通过注释掉它来忽略AND语句，如其他示例所示.

This causes each thing its looking for to be true, as 1 will always equal 1. Problem with this method is it does not allow the selection of a particular user. Doing so you need to make it ignore the AND statement by commenting it out as seen in other examples.

这篇关于如何测试我的PHP MySQL注入示例?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！