INSERT 上的 SQL 注入

2022-01-09 00:00:00 sql insert php mysql code-injection

此处描述的 INSERT 上的 SQL 注入似乎不适用于 MySQL.INSERT 上的 SQL 注入

The SQL Injection on INSERT as described here doesn't seem to work with MySQL. SQL injection on INSERT

当我使用这个语句时:

INSERT INTO COMMENTS VALUES('122','$_GET[value1]');

以此作为'value1'变量值:

With this as the 'value1' variable value:

<代码>');从用户中删除;--

返回此错误:

错误:您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以获取在删除用户"附近使用的正确语法;--')' 在第 1 行

怎么了???

PS:有人建议我用这个作为变量值进行 SQL 注入:

PS: Someone suggested me to do an SQL injection with this as variable value:

',(SELECT group_concat(table_name) FROM information_schema.tables INTO OUTFILE '/var/www/tables.txt'))--

但它也不起作用,并返回语法错误.

But it didn't work either, and returned a syntax error.

推荐答案

您的注入将单个 SQL 语句 (INSERT ...) 转换为多个 SQL 语句 (INSERT ...;删除...).

Your injection turns a single SQL statement (INSERT ...) into multiple SQL statements (INSERT ...; DELETE ...).

但是,PHP mysql API 不支持多条语句一个查询.(底层 MySQL C API 必须明确指示支持此功能,您的绑定不支持.)

However, the PHP mysql API does not support multiple statements in a single query. (The underlying MySQL C API must be explicitly instructed to support this functionality, which your bindings do not do.)

相关文章