Less-11
Starting with this level we enter the world of POST injection. What is POST? It means data is submitted from the client to the server. For example, during login we enter a username and password, they are submitted as a form, and the server then verifies them. That is a POST request.
For example, when we enter the correct username and password in Less-11, we see
So how do we go about injecting here?
In a POST request, the username and password we enter still end up in the same kind of SQL statement on the back end as before. So can we construct the payload we want, just as we did with GET-type injection?
When we enter Username: admin' #
Password: ddd (typed at random)
An error is displayed, and from the error we can tell that the program wraps the parameter in single quotes.
Here we can try entering a universal password in the input box.
Username input: admin' or '1'='1#, with any password.
The correct result is returned. What is the reason? The principle was already explained in the logical-operations part of Background-1.
When we submit the username and password, the SQL statement formed on the back end is
@$sql="SELECT username, password FROM users WHERE username='admin' or '1'='1# and password='$passwd' LIMIT 0,1";
The content after # is commented out, and because or 1=1 in the preceding part is always true, the statement holds, so at this point we are logged in as the admin user. Next we will try injecting with the other statements used in GET injection instead of or 1=1.
Here we try union injection:
Username: 1admin' union select 1,database()#
Passwd: 1 (any password)
We can see that the database is security. This is a common technique.
Other methods can also be used to inject: the statements mentioned above for GET injection all apply.
Of course, there are still other ways to inject, and we will show the payloads for them in the following levels.
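The fix for this level is to bind the POST values as parameters instead of pasting them into the statement. The following is an added example, not code from sqli-labs: it runs the universal-password username from this page against a concatenated query and against a parameterized one. It assumes Python with an in-memory SQLite table standing in for the lab's MySQL database; the table contents and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample table; SQLite stands in for the lab's MySQL (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice-pw"), ("admin", "s3cret-constructed")])
    return db

def login_concat(db, uname, passwd):
    """Vulnerable form: the POST values are pasted into the SQL text."""
    sql = ("SELECT username, password FROM users "
           f"WHERE username='{uname}' and password='{passwd}' LIMIT 0,1")
    try:
        return db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # A stray quote unbalances the statement and the database reports an error.
        return f"SQL error: {exc}"

def login_parameterized(db, uname, passwd):
    """Hardened form: the values are bound as data and never parsed as SQL."""
    sql = ("SELECT username, password FROM users "
           "WHERE username = ? AND password = ? LIMIT 0,1")
    return db.execute(sql, (uname, passwd)).fetchone()

def compare(uname, passwd):
    """Run both login forms on a fresh database and return their results."""
    db = make_db()
    return login_concat(db, uname, passwd), login_parameterized(db, uname, passwd)

if __name__ == "__main__":
    cases = [
        ("admin", "s3cret-constructed"),  # correct credentials (constructed)
        ("admin", "ddd"),                 # wrong password
        ("admin' or '1'='1#", "ddd"),     # username from this page, wrong password
        ("admin'", "ddd"),                # lone quote (constructed)
    ]
    for uname, passwd in cases:
        vulnerable, hardened = compare(uname, passwd)
        print(f"{uname!r:24} concat={vulnerable!r} bound={hardened!r}")
```

With the bound query the quote in the username is just a character in the value, so the wrong password is rejected and the lone quote produces no SQL error.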