php 注入点构造示例代码-php教程-PHP中文网

php 注入点构造示例代码

怪我咯

发布： 2017-07-13 14:28:23

原创

1011人浏览过

为了练习sql注入操作，我们可以自己构造注入点来进行测试，

PHP注入点构造实例代码

把下面保存成 Test.asp

<?  
 $mysql_server_name = "localhost";  
    $mysql_username    = "root";  
    $mysql_password    = "password";  
    $mysql_database    = "phpzr";    //??ݿ??  
    $conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );  
    mysql_select_db($mysql_database,$conn);  
$id=$_GET[&#39;id&#39;];  
    $sql = "select username,password from admin where id=$id";  
    $result=mysql_db_query( $mysql_database, $sql,$conn );      
    $row=mysql_fetch_row($result);  
?>  
<html>  
<head>  
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">  
<title>Php Sql Injection Test </title>  
</head>  
<body>  
<p align="center"><b><font color="#FF0000" size="5" face="华文行楷"> </font><font color="#FF0000" size="5" face="华文新魏">PHP   
注入测试专用</font></b></p>  
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">  
<tr>  
<td><?=$row[0]?></td>  
</tr>  
<tr>  
<td><?=$row[1]?></td>  
</tr>  
</table>  
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>  
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>  
<p> </p>  
</body>  
</html>

登录后复制

创建数据库代码：保存成test.sql 使用phpmyadmin执行就ok了

CREATE DATABASE `phpzr` ; //创建数据库名称  


CREATE TABLE admin (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);  

CREATE TABLE admin1 (  
  id int(10) unsigned NOT NULL auto_increment,  
  username char(10) NOT NULL default &#39;&#39;,  
  password char(10) NOT NULL default &#39;&#39;,  
  useremail char(20) NOT NULL default &#39;&#39;,  
  groupid int(11) NOT NULL default &#39;0&#39;,  
  PRIMARY KEY  (id)  
) TYPE=MyISAM;  

   

INSERT INTO admin1 VALUES (1, &#39;admin&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 1);  
INSERT INTO admin1 VALUES (2, &#39;admin1&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 2);  
INSERT INTO admin1 VALUES (3, &#39;admin2&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 3);  
INSERT INTO admin1 VALUES (4, &#39;admin3&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 4);  
INSERT INTO admin1 VALUES (5, &#39;admin4&#39;, &#39;itpro.blog.163.com&#39;,&#39;itpro@163.com&#39;, 5);

登录后复制

以上就是php 注入点构造示例代码的详细内容，更多请关注php中文网其它相关文章！