A brief introduction to SQL injection

Others 2022-04-22 22:05:39 views: 0
First, the concept of SQL injection
  1. SQL injection is a method of adding SQL code to input parameters
  2. An attack method that is passed to the sql server for parsing and execution
  Example: The username of a website is name='admin'. When executed, select name from users where name='admin'
    Then enter name='' or '1=1' when entering. In fact, what is executed in the database is select name from users where name='' or '1=1' is true, and the user name is valid

Second, the generation of SQL injection
  1. Web developers cannot guarantee that all input is filtered
  2. The attacker uses the input data sent to the SQL server to construct executable SQL code
  3. The database has not been properly configured for security
  For points 1 and 2, the attacker can use the get request, post request, cookie information, corresponding http header information, etc. to input data to achieve the purpose of the attack

3. Looking for SQL Injection Vulnerabilities
  1. Raise exceptions by constructing exceptions, for example: input special characters where only integers are supported to cause sql exceptions
  2. Find sensitive information through get request, post request, cookie information, corresponding http header information, etc.
  3. Detect the corresponding abnormality in the server

Fourth, carry out sql injection attack
  1. Digital injection. Attack by using the digital input in the where judgment statement in the database.
    For example: select name from users where name='' or '1=1'. result is always true
  2. String injection. Attack using mysql's annotation method
    a, #Comment method.
      Enter: admin'# in the input box of the user name, and fill in the password arbitrarily.
      What is executed in the database is: select * from name='admin'#'and password=xxxxx'. #Comment out all the following, and only judge name=admin when judging
    b, -- hdka method, two horizontal bars + space + any character. Everything after the space is treated as a comment during execution
      Enter: admin'-- in the input box of the user name, and fill in the password arbitrarily.
      What is executed in the database is: select * from name='admin'-- 'and password=xxxxx'. #Comment out all the following, and only judge name=admin when judging 
 

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325293274&siteId=291194637
Recommended
Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?
Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running
Ranking
8个无需编写代码即可使用 Python 内置库的方法
Java collections interview knowledge Lite
Machine learning algorithms foundation - Introduction a (watermelon materials for the book)
(Easy) Ransom Note - LeetCode
[Five days] Qt from entry to actual combat: the second day
Remember once extremely pit father can not download Maven Jar package of issues: IDEA question
The minimum cost Shortest
OSPF study map (the most complete version)
Network Takeaways
GnuPG
Daily
More
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

Code World

© 2018 codetd.com