Ethical Hacking - Web Penetration Testing(9)

标签：图片   blog   user   nbsp   try   from   format   ant   mic   

SQL INJECTION

Discovering SQLi in GET

Inject by browser URL.

Selecting Data From Database

Change the number to a big one, then you can get a useful error message. And you can try different number to find the right column.

Using “union select 1,2,3,4,5” to find the right column.

Then replace it with the information we want to get. (database, user, version)

Ethical Hacking - Web Penetration Testing(9)

标签：图片   blog   user   nbsp   try   from   format   ant   mic   

原文地址：https://www.cnblogs.com/keepmoving1113/p/12287747.html