Analysis and utilization of SQL Injection Vulnerability (i)

Source: Internet
Author: User

The core idea of SQL injection

The attacker appends database query code to a normal URL so that the application passes it to the database, and then uses the returned results to obtain the desired data.
SQL (Structured Query Language): the vast majority of relational databases (MySQL, Access, Oracle, etc.) use SQL for queries, management and common operations.
Environment setup: AppServ
With AppServ, you can quickly build a test environment on a Windows system.

SQL injection statements:

select * from hack; # show all records in the hack table
select * from hack where id=1; # find the records in the hack table that satisfy the condition id = 1

select username,password from hack where id=1;
# find the records in the hack table that satisfy id = 1 and display only the username and password fields

select * from hack where id=1 and username="admin";
# find the records in the hack table that satisfy id = 1 and username = "admin"

select * from hack where id=1 or username="admin";
# find the records in the hack table that satisfy id = 1 or username = "admin"

select * from news where id=1 and exists(select * from hack);
# use the exists() function to determine whether the hack table exists

select * from news where id=1 and exists(select username from hack);
# use the exists() function to determine whether the username field exists in the hack table

select * from hack order by id; # sort in ascending order by the id column of the hack table

select username,password from hack order by 2;
# sort in ascending order by the second column of the query result (the password column)
order by can be used to find out how many fields the current query displays; a union select query can be constructed next.

Union select (union query)

A union query can execute two or more queries at once and combine their results into a single output.
Basic rule for union queries: the number of columns in all queries must be the same.
select * from news union select * from hack; # fields do not match, query error (news has 3 fields, hack has 2 fields)
select * from news union select username,password from hack; # query OK
select * from news union select from hack; # field names can be replaced by numbers
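
An added example (not part of the original notes) showing why the statements above take effect against a query built by string concatenation but not against a parameterized one. It assumes Python with an in-memory SQLite database standing in for the MySQL environment; the table layouts, sample rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; SQLite stands in for the page's MySQL setup.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        create table news (id integer, title text, content text);
        create table hack (id integer, username text, password text);
        insert into news values (1, 'hello', 'first post');
        insert into hack values (1, 'admin', 'constructed-secret');
    """)
    return db

def news_concat(db, raw_id):
    # Vulnerable pattern: the URL parameter becomes part of the SQL text,
    # so "and exists(...)" or "union select ..." is parsed as SQL.
    return db.execute("select * from news where id=" + raw_id).fetchall()

def news_param(db, raw_id):
    # Hardened pattern: the parameter is bound as a single value and is
    # never parsed as SQL, whatever it contains.
    return db.execute("select * from news where id=?", (raw_id,)).fetchall()

def probe(db, query_fn, raw_id):
    # Return the rows, or the database error text when the statement fails.
    try:
        return query_fn(db, raw_id)
    except sqlite3.Error as exc:
        return "error: " + str(exc)

if __name__ == "__main__":
    db = make_db()
    inputs = [
        "1",
        "1 and exists(select * from hack)",
        "1 and exists(select username from hack)",
        # 2 columns against the 3 columns of news: breaks the union rule
        "1 union select username,password from hack",
    ]
    for raw_id in inputs:
        print("input       :", raw_id)
        print("concatenated:", probe(db, news_concat, raw_id))
        print("parameterized:", probe(db, news_param, raw_id))
```

With the concatenated query, the exists() inputs return the news row and the mismatched union raises a column-count error, which is the feedback the statements above rely on; with the bound parameter every non-numeric input simply matches no row.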

Study notes for Guangping Teacher's course
