SQL Injection DROP TABLE not working

时间秒杀一切 提交于 2021-02-08 05:34:54

问题


I need to demonstrate SQL Inject using PHP/MySQL. I want to inject a DROP TABLE query in a login form but it never works. (TRUNCATE table works fine OTOH). After I input '; drop table users; # as field input; query turns out to be

SELECT * FROM `users` WHERE `email` = ''; DROP TABLE users; #' AND `password` LIKE '3232';

But it never works using mysql_query() function. When I copy/paste this query in PHPmyAdmin directly, it works perfectly and table gets dropped. What can be the issue?


回答1:


This is not possible in php/MySQL as php does not support stacked queries. The moment you inject semicolon (;) it will fail.

You can do many other much more creative exploits using sql injection in a php-mysql application though.

  1. Enumerate all databases
  2. Table Names and Column Names
  3. Values stored in tables
  4. Upload a php backdoor

Check Out for SQL-Map as well.




回答2:


MULTIPLE SQL Execution is not enabled by defaults.

So SQL Injection like ;drop table won't work. please enable multiple sql execution. this could be enabled like http://php.net/manual/en/mysqli.quickstart.multiple-statement.php if you are using mysqli.

useful SQL Injection is :

SELECT COUNT(*) FROM users
WHERE user_id = '$user_id' AND passwd = '$passwd'

and user inserts passwd to ' || '1' = '1.



来源:https://stackoverflow.com/questions/24758105/sql-injection-drop-table-not-working

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!