php+mysql注入点构造

CracerCracer 2015-10-15 代码审计 1,046 0 5

为了练习SQL注入操作,我们可以自己构造注入点来进行测试;

<?php
/**
 * create database sqlinject;
 * 
 * use sqlinject;
 * 
 * create table admin(
 * id int auto_increment primary key,
 * username varchar(32) not null,
 * password varchar(32) not null
 * );
 * 
 * insert into admin (username,password) values ('admin',md5('admin')),('safe',md5('12345')),('test',md5('test'));
 */
$db_host = 'localhost';
$db_user = 'root';
$db_pass = 'cracer.com';
$id = $_REQUEST['id'];

$link = mysql_connect($db_host, $db_user, $db_pass) or die("DB Connect Error:" . mysql_error());
mysql_select_db('sqlinject', $link) or die("Can\'t use sqlinject:" . mysql_error());
$sql = "SELECT * FROM admin WHERE id=$id";
$query = mysql_query($sql) or die("Invalid Query:" . mysql_error());
while ($row = mysql_fetch_array($query))
{
    echo "用户ID:" . $row['id'] . "<br>";
    echo "用户账号:" . $row['username'] . "<br>";
    echo "用户密码:" . $row['password'] . "<br>";
} 
mysql_close($link);

echo "当前查询语句:".$sql."<br>";
?>

转载请注明来自Cracer,本文标题:《php+mysql注入点构造》

喜欢 (5) 发布评论
发表评论


Top