Php注入點(diǎn)構(gòu)造代碼
更新時(shí)間:2008年06月14日 19:30:19 作者:
php注入代碼,方便注入測(cè)試
把下面保存成 Test.asp
<?
$mysql_server_name = "localhost";
$mysql_username = "root";
$mysql_password = "password";
$mysql_database = "phpzr"; //??ݿ??
$conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );
mysql_select_db($mysql_database,$conn);
$id=$_GET['id'];
$sql = "select username,password from admin where id=$id";
$result=mysql_db_query( $mysql_database, $sql,$conn );
$row=mysql_fetch_row($result);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Php Sql Injection Test </title>
</head>
<body>
<p align="center"><b><font color="#FF0000" size="5" face="華文行楷"> </font><font color="#FF0000" size="5" face="華文新魏">PHP
注入測(cè)試專用</font></b></p>
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><?=$row[0]?></td>
</tr>
<tr>
<td><?=$row[1]?></td>
</tr>
</table>
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>
<p> </p>
</body>
</html>
創(chuàng)建數(shù)據(jù)庫(kù)代碼:保存成test.sql 使用phpmyadmin執(zhí)行就ok了
CREATE DATABASE `phpzr` ; //創(chuàng)建數(shù)據(jù)庫(kù)名稱
CREATE TABLE admin (
id int(10) unsigned NOT NULL auto_increment,
username char(10) NOT NULL default '',
password char(10) NOT NULL default '',
useremail char(20) NOT NULL default '',
groupid int(11) NOT NULL default '0',
PRIMARY KEY (id)
) TYPE=MyISAM;
INSERT INTO admin VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1);
INSERT INTO admin VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2);
INSERT INTO admin VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3);
INSERT INTO admin VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4);
INSERT INTO admin VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5);
CREATE TABLE admin1 (
id int(10) unsigned NOT NULL auto_increment,
username char(10) NOT NULL default '',
password char(10) NOT NULL default '',
useremail char(20) NOT NULL default '',
groupid int(11) NOT NULL default '0',
PRIMARY KEY (id)
) TYPE=MyISAM;
INSERT INTO admin1 VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1);
INSERT INTO admin1 VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2);
INSERT INTO admin1 VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3);
INSERT INTO admin1 VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4);
INSERT INTO admin1 VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5);
復(fù)制代碼 代碼如下:
<?
$mysql_server_name = "localhost";
$mysql_username = "root";
$mysql_password = "password";
$mysql_database = "phpzr"; //??ݿ??
$conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );
mysql_select_db($mysql_database,$conn);
$id=$_GET['id'];
$sql = "select username,password from admin where id=$id";
$result=mysql_db_query( $mysql_database, $sql,$conn );
$row=mysql_fetch_row($result);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Php Sql Injection Test </title>
</head>
<body>
<p align="center"><b><font color="#FF0000" size="5" face="華文行楷"> </font><font color="#FF0000" size="5" face="華文新魏">PHP
注入測(cè)試專用</font></b></p>
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><?=$row[0]?></td>
</tr>
<tr>
<td><?=$row[1]?></td>
</tr>
</table>
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>
<p> </p>
</body>
</html>
創(chuàng)建數(shù)據(jù)庫(kù)代碼:保存成test.sql 使用phpmyadmin執(zhí)行就ok了
復(fù)制代碼 代碼如下:
CREATE DATABASE `phpzr` ; //創(chuàng)建數(shù)據(jù)庫(kù)名稱
CREATE TABLE admin (
id int(10) unsigned NOT NULL auto_increment,
username char(10) NOT NULL default '',
password char(10) NOT NULL default '',
useremail char(20) NOT NULL default '',
groupid int(11) NOT NULL default '0',
PRIMARY KEY (id)
) TYPE=MyISAM;
INSERT INTO admin VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1);
INSERT INTO admin VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2);
INSERT INTO admin VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3);
INSERT INTO admin VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4);
INSERT INTO admin VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5);
CREATE TABLE admin1 (
id int(10) unsigned NOT NULL auto_increment,
username char(10) NOT NULL default '',
password char(10) NOT NULL default '',
useremail char(20) NOT NULL default '',
groupid int(11) NOT NULL default '0',
PRIMARY KEY (id)
) TYPE=MyISAM;
INSERT INTO admin1 VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1);
INSERT INTO admin1 VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2);
INSERT INTO admin1 VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3);
INSERT INTO admin1 VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4);
INSERT INTO admin1 VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5);
相關(guān)文章
php中->?、=>、::、$this->四種常見(jiàn)符號(hào)使用方法技巧
php中->?、=>、::、$this->四種符號(hào)在代碼中很常見(jiàn),使用很廣泛。這篇文章主要介紹了php中->?、=>、::、$this->四種常見(jiàn)符號(hào)使用方法技巧2022-12-12PHP Class self 與 static 異同與使用詳解
這篇文章主要介紹了PHP中 Class self 與 static 有什么區(qū)別,都怎么用,需要的朋友們下面隨著小編來(lái)一起學(xué)習(xí)學(xué)習(xí)吧2021-09-09解析smarty模板中類似for的功能實(shí)現(xiàn)
本篇文章是對(duì)smarty模板中類似for的功能實(shí)現(xiàn)方法進(jìn)行了詳細(xì)的分析介紹,需要的朋友參考下2013-06-06php數(shù)組函數(shù)序列之a(chǎn)rray_intersect() 返回兩個(gè)或多個(gè)數(shù)組的交集數(shù)組
array_intersect() 函數(shù)返回兩個(gè)或多個(gè)數(shù)組的交集數(shù)組。結(jié)果數(shù)組包含了所有在被比較數(shù)組中,也同時(shí)出現(xiàn)在所有其他參數(shù)數(shù)組中的值,鍵名保留不變。2011-11-11php將access數(shù)據(jù)庫(kù)轉(zhuǎn)換到mysql數(shù)據(jù)庫(kù)的方法
這篇文章主要介紹了php將access數(shù)據(jù)庫(kù)轉(zhuǎn)換到mysql數(shù)據(jù)庫(kù)的方法,可實(shí)現(xiàn)讀取access數(shù)據(jù)庫(kù)數(shù)據(jù)并寫(xiě)入到mysql數(shù)據(jù)庫(kù)中,具有一定的參考借鑒價(jià)值,需要的朋友可以參考下2014-12-12