Linux
- security, vulnerabilities
-
Practical combat: summary of security vulnerabilities
security, vulnerabilities
Practical combat: summary of security vulnerabilities
1. SQL injection
1, example
' OR 1=1#
或
" OR 1=1#
example:
$sql = "SELECT * FROM user WHERE username=''$name' AND password='$pwd'";
We enter the username on the front end' OR 1=1#
and write the password casually, and then we can enter the website. Because #
is a comment symbol here, all subsequent statements are commented out.