SQL注入自学[第一学:一个简单的注入环境的编写]

/*

转载请注明出处

ID:珍惜少年时

*/

CODE区域:

/*注:现在mysql_connect的这种连接方式已经被放弃了,也就是说不用了,老夫也是新手上路故,下载了一个wampserver2.2的低版本的环境来测试,当然了可以使用“@”符号,当然了用mysqli自然也是可以的。代码有待优化。新手上路嘛。嘻嘻。
*/
php 
$localhost="localhost:3306";
$dbusername="root";
$dbpassword="";
$con=mysql_connect($localhost,$dbusername,$dbpassword);
if (!$con) {
    die('could not connect'.mysql_error());
}else{
    echo "恭喜您成功连接数据库。
"; } $selectdb=mysql_select_db('sqlinject'); if (!isset($_GET['id'])) { echo "亲,还没传参。"; exit; }else{ $queryA = "create database " ; $query = "select * from admin where id = " .$_GET['id']; } $sql=mysql_query($query); $mysql_fetch_array=mysql_fetch_array($sql); echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo "
idusernamepassword
".$mysql_fetch_array['id']."".$mysql_fetch_array['username']."".$mysql_fetch_array['password']."
"; echo "您执行的sql语句是:".$query; echo "
"."----------------------ID:珍惜少年时----------------------"; mysql_close($con); ?>

 

 

 

数据库的创建:

sql>create database sqlinject;                #创建sqlinject数据库
sql>use sqlinject;                 #使用sqlinject库
sql>create table admin              #admin表的创建
sql>(
sql>id int,                                   
sql>username varchar(255),
sql>password varchar(255)
sql>);
sql> #数据插入 sql
>insert into admin(id,username,password) values(1,"admin","admin"); sql>insert into admin(id,username,password) values(2,"liuneng","123456"); sql>insert into admin(id,username,password) values(3,"dapao","6546765"); sql>insert into admin(id,username,password) values(4,"ergou","427543"); sql>insert into admin(id,username,password) values(5,"daniu","2754616"); sql>insert into admin(id,username,password) values(6,"xiaowang","25744451"); sql>insert into admin(id,username,password) values(7,"lanlan","8416864"); sql>insert into admin(id,username,password) values(8,"zhangmei","387415"); sql>insert into admin(id,username,password) values(9,"haixing","8464354");

 

转载于:https://www.cnblogs.com/xishaonian/p/6031522.html

你可能感兴趣的:(SQL注入自学[第一学:一个简单的注入环境的编写])