Less-37
This is similar to the 34-level, the difference is that the processing of post content is mysql_real_escape_string () function, rather than the addslashes () function, but the principle is always, above we have analyzed the principle, here do not repeat.
We still use the idea of universal password to break through.
Submit content as shown:
Can be seen to log in normally.
?
Summary:
From the above a few of the above, you can summarize the filter ' \ \ \ \ \ \ \ \ \ \ \ Three is directly replace,
Addslashes (), mysql_real_escape_string (). Three ways to rely on only one function is not completely defensive, so we need to consider more carefully when writing code. At the same time in the above process, we also give three kinds of defense methods, I believe that careful reading has been understood, here will not repeat.
Sqli-labs less 37