Parse database and SQL injection, big guy don't squirt

1. What is a database?

A database is a warehouse that organizes, stores, and manages data according to its structure, which is generated more than more than 60 years ago, with the development of information technology and markets, especially after the 1990s, data management is no longer just a way to store and manage data, but to transform it into the kind of data management that users need. There are many types of databases, ranging from the simplest tables with various data to large database systems that can store massive amounts of data, are widely used in all aspects.

2. What is SQL injection?

SQL injection, by inserting a SQL command into a Web form to submit or entering a query string for a domain name or page request, eventually achieves a malicious SQL command that deceives the server. Specifically, it is the ability to inject (malicious) SQL commands into the background database engine execution using existing applications, which can be obtained by entering (malicious) SQL statements in a Web form to a database on a Web site that has a security vulnerability, rather than executing the SQL statement as the designer intended. [1] For example, many of the previous film and television sites leaked VIP membership password is mostly through the Web form to submit query characters, such forms are particularly vulnerable to SQL injection attacks

3. How do I make SQL injection?

SQL bypass user name and password, I only speak the simplest way, let everyone understand the principle is good

Background to get the user name and password from the foreground,

Assuming the Account field is user, the password field is password and the table name is Admin

The SQL statement that queries the user name and password is

[PHP] View plaincopyprint?

<span style= "FONT-SIZE:14PX;" >select * from admin where user= $userand passswod= $password </span>

We $_post two data in front of the station

[PHP] View plaincopyprint?

<span style= "FONT-SIZE:14PX;" > $user =$_post[' user ']

$password =$_post[' password ']</span>

When the SQL statement executes, the query statement is

[PHP] View plaincopyprint?

<span style= "FONT-SIZE:14PX;" >select * from admin where user= "or a= ' a '" and passswod= "or a= ' a '" </span>

If this is done, the result of this statement is true, bypassing the user name and password restrictions

Of course, there are some bad limitations to this approach, such as we are querying the user name and password separately, or the password using MD5 encryption, this method is invalid, but you can experiment with other methods, this simple example is to understand what is SQL injection.

Parse database and SQL injection, big guy don't squirt