如何测试我的PHP MySQL注入示例? [英] How can I test my PHP MySQL injection example?
问题描述
我想在登录示例中使用PHP/Mysql注入,下面是我的代码.
I want to use PHP/Mysql injection with a login example, my code is below.
我尝试使用用户名anything' --
和一个空密码,但是它不起作用,并且我无法登录.
I have tried with a username of anything' --
and an empty password but it doesn't work and I couldn't log in.
有人可以帮我吗?
<?php
mysql_connect('localhost','root','root');
mysql_select_db('hp');
?>
<form action="" method="post">
<table width="50%">
<tr>
<td>User</td>
<td><input type="text" name="user"></td>
</tr>
<tr>
<td></td>
<td><input type="text" name="password"></td>
</tr>
</table>
<input type="submit" value="OK" name="s">
</form>
<?php
if($_POST['s']){
$user = $_POST['user'];
$pass = $_POST['password'];
$re = mysql_query("select * from zend_adminlist where user_name = '$user' and password = '$pass'");
if(mysql_num_rows($re) == 0){
echo '0';
}else{
echo '1';
}
}
?>
推荐答案
最常见的示例之一是此查询:
One of the most common examples is this query:
' or '1'='1
如果您将此用户名和密码输入此用户名和密码,则查询更改如下:
If you enter this as the username and password into some unsanitized login input the query changes like so:
Original: SELECT * FROM USERS WHERE USER='' AND PASS='';
Modified: SELECT * FROM USERS WHERE USER='' or '1'='1' AND PASS='' or '1'='1';
这将使每件事物都为真,因为1始终等于1.此方法的问题是不允许选择特定用户.这样做,您需要通过注释掉它来忽略AND语句,如其他示例所示.
This causes each thing its looking for to be true, as 1 will always equal 1. Problem with this method is it does not allow the selection of a particular user. Doing so you need to make it ignore the AND statement by commenting it out as seen in other examples.
这篇关于如何测试我的PHP MySQL注入示例?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!