php注入点构造代码实例详解

怪我咯
发布: 2023-03-13 09:18:02
原创
1527 人浏览过

php注入代码,方便注入测试

把下面保存成 Test.asp
代码如下:

<?  
 $mysql_server_name = "localhost";  
    $mysql_username    = "root";  
    $mysql_password    = "password";  
    $mysql_database    = "phpzr";    //??ݿ??  
    $conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );  
    mysql_select_db($mysql_database,$conn);  
$id=$_GET[&#39;id&#39;];  
    $sql = "select username,password from admin where id=$id";  
    $result=mysql_db_query( $mysql_database, $sql,$conn );      
    $row=mysql_fetch_row($result);  
?>  
<html>  
<head>  
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">  
<title>Php Sql Injection Test </title>  
</head>  
<body>  
<p align="center"><b><font color="#FF0000" size="5" face="华文行楷"> </font><font color="#FF0000" size="5" face="华文新魏">PHP   
注入测试专用</font></b></p>  
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">  
<tr>  
<td><?=$row[0]?></td>  
</tr>  
<tr>  
<td><?=$row[1]?></td>  
</tr>  
</table>  
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>  
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>  
<p> </p>  
</body>  
</html>
登录后复制

创建数据库代码:保存成test.sql 使用phpmyadmin执行就ok了

代码如下:

CREATE DATABASE `phpzr` ; //创建数据库名称  


CREATE TABLE admin (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);  

CREATE TABLE admin1 (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin1 VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin1 VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin1 VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin1 VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin1 VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);
登录后复制

以上是php注入点构造代码实例详解的详细内容。更多信息请关注PHP中文网其他相关文章!

相关标签:
来源:php.cn
本站声明
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn
热门教程
更多>
最新下载
更多>
网站特效
网站源码
网站素材
前端模板