In a SQL injection attack, an attacker submits carefully constructed SQL through a form so that it alters the original SQL statement. The attack succeeds if the web program does not check the submitted data.
General steps of a SQL injection attack:
1. The attacker visits a site that has a SQL injection vulnerability and looks for an injection point.
2. The attacker constructs an injection statement, which is combined with the SQL statement in the program to produce a new SQL statement.
3. The new SQL statement is submitted to the database for processing.
4. The database executes the new SQL statement, and the SQL injection attack takes effect.
Example
Database
-- Message table used by the example pages.
-- The varchar lengths are missing in the source; 255 is a placeholder.
CREATE TABLE `PostMessage` (
  `id` int(11) NOT NULL auto_increment,
  `Subject` varchar(255) NOT NULL default '',
  `Name` varchar(255) NOT NULL default '',
  `Email` varchar(255) NOT NULL default '',
  `Question` mediumtext NOT NULL,
  `Postdate` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=gb2312 COMMENT='user''s message' AUTO_INCREMENT=69;
-- Account the web application uses to connect to the ch3 database.
GRANT ALL PRIVILEGES ON ch3.* TO 'sectop'@localhost IDENTIFIED BY '123456';
add.php Insert Message
list.php message list
show.php Display Message page
http://www.netsos.com.cn/show.php?id=71 may be an injection point, so we test it:
http://www.netsos.com.cn/show.php?id=71 and 1=1
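Why the appended `and 1=1` matters, and how the page should handle it, as an added example (this is not the original show.php, whose source is not shown here). Assumptions: an in-memory SQLite database with a reduced, constructed `postmessage` table stands in for the MySQL database above, and the function names `show_unsafe` and `show_safe` are hypothetical.

```php
<?php
// Added example, not the original show.php. Assumption: SQLite in memory
// stands in for the page's MySQL database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE postmessage (id INTEGER PRIMARY KEY, subject TEXT, question TEXT)");
// Constructed sample row.
$db->exec("INSERT INTO postmessage VALUES (71, 'constructed subject', 'constructed question')");

// Vulnerable pattern: the id parameter is pasted into the statement,
// so anything after the number becomes part of the SQL.
function show_unsafe(PDO $db, string $id): array {
    $sql = "SELECT id, subject FROM postmessage WHERE id=" . $id;
    return ['sql' => $sql, 'rows' => $db->query($sql)->fetchAll(PDO::FETCH_ASSOC)];
}

// Hardened pattern: accept only a decimal integer, then bind it as a
// parameter so the statement text never changes.
function show_safe(PDO $db, string $id): array {
    if (!ctype_digit($id)) {
        return ['sql' => null, 'rows' => [], 'error' => 'rejected: id must be an integer'];
    }
    $sql = "SELECT id, subject FROM postmessage WHERE id = :id";
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':id', (int)$id, PDO::PARAM_INT);
    $stmt->execute();
    return ['sql' => $sql, 'rows' => $stmt->fetchAll(PDO::FETCH_ASSOC)];
}

// The two id values from the URLs above.
foreach (['71', '71 and 1=1'] as $id) {
    $u = show_unsafe($db, $id);
    $s = show_safe($db, $id);
    printf("id=%s\n  unsafe: %s -> %d row(s)\n  safe:   %s -> %d row(s)\n",
        var_export($id, true), $u['sql'], count($u['rows']),
        $s['error'] ?? $s['sql'], count($s['rows']));
}
```

In the unsafe function the second value returns the same row as the first, which shows that the extra text was executed as SQL; the hardened function rejects it before any query is built.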