Detailed explanation of PHP injection point construction code example-PHP Tutorial-php.cn

Detailed explanation of PHP injection point construction code example

怪我咯

Release： 2023-03-13 09:18:02

Original

1510 people have browsed it

php injection code to facilitate injection testing

Save the following as Test.asp
The code is as follows:

<?  
 $mysql_server_name = "localhost";  
    $mysql_username    = "root";  
    $mysql_password    = "password";  
    $mysql_database    = "phpzr";    //??ݿ??  
    $conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );  
    mysql_select_db($mysql_database,$conn);  
$id=$_GET[&#39;id&#39;];  
    $sql = "select username,password from admin where id=$id";  
    $result=mysql_db_query( $mysql_database, $sql,$conn );      
    $row=mysql_fetch_row($result);  
?>  
<html>  
<head>  
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">  
<title>Php Sql Injection Test </title>  
</head>  
<body>  
<p align="center"><b><font color="#FF0000" size="5" face="华文行楷"> </font><font color="#FF0000" size="5" face="华文新魏">PHP   
注入测试专用</font></b></p>  
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">  
<tr>  
<td><?=$row[0]?></td>  
</tr>  
<tr>  
<td><?=$row[1]?></td>  
</tr>  
</table>  
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>  
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>  
<p> </p>  
</body>  
</html>

Copy after login

Create database Code: Save it as test.sql and use phpmyadmin to execute it.

The code is as follows:

CREATE DATABASE `phpzr` ; //创建数据库名称  


CREATE TABLE admin (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);  

CREATE TABLE admin1 (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin1 VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin1 VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin1 VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin1 VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin1 VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);

Copy after login

The above is the detailed content of Detailed explanation of PHP injection point construction code example. For more information, please follow other related articles on the PHP Chinese website!