Php注入点构造代码
把下面保存成Test.asp <div class="codetitle"><a style="CURSOR: pointer" data="32104" class="copybut" id="copybut32104" onclick="doCopy('code32104')"> 代码如下:
<div class="codebody" id="code32104">
<?
$
MysqL_server_name="localhost";
$
MysqL_username="root";
$
MysqL_password="password";
$
MysqL_database="
PHPzr";//??ݿ??
$conn=
MysqL_connect($
MysqL_server_name,$
MysqL_username,$
MysqL_password);
MysqL_select_db($
MysqL_database,$conn);
$id=$_GET['id'];
$
sql="selectusername,passwordfromadminwhereid=$id";
$result=
MysqL_db_query($
MysqL_database,$
sql,$conn);
$row=
MysqL_fetch_row($result);
?>
<
Metahttp-equiv="Content-Type"content="text/html;charset=utf-8">
PHPsqlInjectionTest <palign="center">
<fontcolor="#FF0000"size="5"face="华文行楷"><fontcolor="#FF0000"size="5"face="华文新魏">PHP
注入测试专用 <tablewidth="100%"height="25%"border="1"align="center"cellpadding="0"cellspacing="0">
<tr>
<td><?=$row[0]?></td>
</tr>
<tr>
<td><?=$row[1]?></td>
</tr>
</table>
<fontcolor="#0000FF">BY:孤狐浪子QQ:393214425
<fontcolor="#0000FF">Blog:Http://itpro.blog.163.com
创建
数据库代码:保存成test.
sql使用
PHPmyadmin执行就ok了 <div class="codetitle">
<a style="CURSOR: pointer" data="23818" class="copybut" id="copybut23818" onclick="doCopy('code23818')"> 代码如下: <div class="codebody" id="code23818">
CREATEDATABASE
<a href="https://www.jb51.cc/tag/PHP/" target="_blank" class="keywords">PHP</a>zr
;//创建
数据库名称 CREATETABLEadmin(
idint(10)unsign
ednOTNULLauto_increment,
usernamechar(10)NOTNULLdefault'',
passwordchar(10)NOTNULLdefault'',
useremailchar(20)NOTNULLdefault'',
groupidint(11)NOTNULLdefault'0',
PRIMARYKEY(id)
)TYPE=MyISAM; INSERTINTOadminVALUES(1,'admin','itpro.blog.163.com','itpro@163.com',1);
INSERTINTOadminVALUES(2,'admin1',2);
INSERTINTOadminVALUES(3,'admin2',3);
INSERTINTOadminVALUES(4,'admin3',4);
INSERTINTOadminVALUES(5,'admin4',5); CREATETABLEadmin1(
idint(10)unsign
ednOTNULLauto_increment,
PRIMARYKEY(id)
)TYPE=MyISAM; INSERTINTOadmin1VALUES(1,1);
INSERTINTOadmin1VALUES(2,2);
INSERTINTOadmin1VALUES(3,3);
INSERTINTOadmin1VALUES(4,4);
INSERTINTOadmin1VALUES(5,5);