PHP injection tutorial

Source: Internet
Author: User
PHP injection, part 1. This article is aimed mainly at beginners. If you are a veteran, some of it may be boring, but if you read it carefully you will find a lot of interesting things.
To read this article, you only need to understand the following.
1. Understand how a PHP + MySQL environment is built. We include relevant articles on the CD. If you are not clear about how to build a PHP + MySQL environment, please read those first; this topic was also introduced in the previous issue.
2. Understand the configuration of PHP and Apache, mainly php.ini and httpd.conf.
In this article we mainly use the php.ini configuration. For the sake of security, we usually turn on safe mode in php.ini, that is, set safe_mode = On. When display_errors is on, PHP execution errors return a lot of useful information, so we should turn it off,
that is, set display_errors = off. Once it is off, PHP function execution errors are no longer displayed to the user.
In the PHP configuration file php.ini, magic_quotes_gpc is an important option. In later versions the default is magic_quotes_gpc = On; only
the antique versions default to magic_quotes_gpc = Off, but some people still use antiques!
What happens when magic_quotes_gpc = On is set in php.ini? Don't worry, the sky will not fall! It only converts every ' (single quote), " (double quote), \ (backslash) and null character in the submitted variables into an escape sequence with a leading backslash; for example, ' is converted into \'.
This makes us very uncomfortable. Many times we have to say BYEBYE to character-type injection,
but don't be discouraged. We still have a good way to deal with it. Read on!
3. Have some grounding in the PHP language and understand some SQL statements. These are very simple. We use very little of them, so there is still time to brush up!
Let's first look at what we can do when magic_quotes_gpc = Off, and then find a way to deal with magic_quotes_gpc = On.
1. Injection attack when magic_quotes_gpc = Off
Although magic_quotes_gpc = Off is not safe, and the new versions set
magic_quotes_gpc = On by default, we still find magic_quotes_gpc = Off on many servers, such as www.qichi.*.
Some other programs, such as the vbb forum, automatically remove the escape characters even if you configure magic_quotes_gpc = On, so we can still take advantage of them.
So injection methods for magic_quotes_gpc = Off still have a large market.
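The escaping that magic_quotes_gpc = On performs, and the way a program can undo it, as an added example that is not part of the original article: a Python emulation of the conversion, of the escape removal the article attributes to some programs, and of a bound-parameter query, which does not depend on either setting. The function names, the sample table and the sample inputs are constructed for illustration, and SQLite stands in for MySQL.

```python
import sqlite3

def magic_quotes(value: str) -> str:
    """Emulate magic_quotes_gpc = On: backslash-escape ', ", \\ and NUL."""
    table = {"'": "\\'", '"': '\\"', "\\": "\\\\", "\0": "\\0"}
    return "".join(table.get(ch, ch) for ch in value)

def strip_slashes(value: str) -> str:
    """Emulate a program undoing that escaping (like PHP stripslashes)."""
    out, i = [], 0
    while i < len(value):
        if value[i] == "\\":
            if i + 1 < len(value):           # an escaped character follows
                nxt = value[i + 1]
                out.append("\0" if nxt == "0" else nxt)
            i += 2                           # a trailing lone backslash is dropped
        else:
            out.append(value[i])
            i += 1
    return "".join(out)

def make_db() -> sqlite3.Connection:
    """Constructed sample data in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("admin",), ("O'Reilly",)])
    return conn

def find_user(conn: sqlite3.Connection, name: str):
    """Bound parameter: the value is passed as data and never parsed as SQL."""
    query = "SELECT id, name FROM users WHERE name = ?"
    return conn.execute(query, (name,)).fetchone()

if __name__ == "__main__":
    submitted = "O'Reilly"                       # constructed input
    escaped = magic_quotes(submitted)
    print("after magic quotes:", escaped)
    # A program that strips the escapes is back to the raw submitted value.
    print("round trip restores input:", strip_slashes(escaped) == submitted)
    conn = make_db()
    print("legitimate lookup:", find_user(conn, submitted))
    # A quote-bearing value is compared as a literal name and matches nothing.
    print("quote-bearing lookup:", find_user(conn, "x' OR '1'='1"))
```

With bound parameters the quote in a legitimate name such as O'Reilly needs no escaping at all, which is why the query stays correct whether the escaping is on, off, or stripped by the program.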
Next we will explain MySQL + PHP injection in detail, in terms of syntax, injection points and injection types.
A: Starting with MySQL syntax
1. First, let's go over some basic MySQL syntax. It's a make-up lesson for those who didn't study well ~_~

....
