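2017/09/03_Bypass_safedog_SQL injection
part 1
Outline of this article
+ Approach and ideas
  - Bypassing safedog with quadruple comments
+ Bypasses in practice
  - Bypassing and 1=1
  - Bypassing union+select
  - Enumerating tables
  - Enumerating columns
  - Reading the data
part 2
Test code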
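```php
<?php
// Deliberately vulnerable test page: $_GET['id'] is concatenated
// straight into the SQL text with no validation or escaping.
$link = mysqli_connect('localhost','root','root','security');
$sql = "select * from users where id=".$_GET['id'];
$result = mysqli_query($link,$sql);
// Print the first matching row, one column per line.
if($rows = mysqli_fetch_array($result)){
    echo $rows['id'];
    echo '<br>';
    echo $rows['username'];
    echo '<br>';
    echo $rows['password'];
    echo '<br>';
}
mysqli_close($link);
?>
```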
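For comparison, the same test page with the query parameterized, so the id value is bound as data and never parsed as SQL, whatever the WAF in front of it lets through. This is an added example, not code from the original post; it assumes the same 'security' database, the same lab credentials, and a users table with id, username and password columns as in the test code above.

```php
<?php
// Added example: hardened counterpart of the test page above.
// Assumes the lab setup from the article (root/root, 'security' database).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

// Accept only a positive integer; reject everything else before touching the DB.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT,
                   ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) { // null: parameter missing, false: not an integer
    http_response_code(400);
    exit('invalid id');
}

try {
    $link = mysqli_connect('localhost', 'root', 'root', 'security');
    // The placeholder keeps the value out of the SQL text entirely.
    $stmt = mysqli_prepare($link,
        'select id, username, password from users where id = ?');
    mysqli_stmt_bind_param($stmt, 'i', $id);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $rowId, $username, $password);
    if (mysqli_stmt_fetch($stmt)) {
        // Escape on output so stored values cannot inject markup.
        foreach ([$rowId, $username, $password] as $value) {
            echo htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8'), '<br>';
        }
    }
    mysqli_stmt_close($stmt);
    mysqli_close($link);
} catch (mysqli_sql_exception $e) {
    error_log($e->getMessage()); // details go to the server log, not the response
    http_response_code(500);
    exit('server error');
}
```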
part 3
Bypassing and 1=1
URL: http://192.168.1.107/sql.php?id=1 and 1=1