摘要:
基于php+mysql平台的sql注入攻防的实操,提供较详细的ubuntu平台上的操作步骤,方便练手。
使用的平台:
Ubuntu 12.04,php 5.3.10, mysql Ver 14.14, Apache/2.2.22
步骤:
1. 在ubuntu上安装Apache,mysql,具体过程自行百度;
2.1 首先熟悉如何再mysql中建立数据表?包括用户名和对应的密码;并且熟悉其中的查询命令;完成查询测试;
2.2 完成php端的代码,完成php和mysql的链接;完成链接查询测试;
2.3 基于浏览器端的sql攻击测试;
2.1首先是对mysql的操作:
a)创建user数据库:create database user;
b)切换到user数据库:use user;
c)创建account表:create table account(name VARCHAR(20), password VARCHAR(20));里面包含用户的名字和密码;
d)在account表中插入数据:
insert into account values
(‘aaa‘, ‘111‘),
(‘bbb‘, ‘222‘);
即完成在数据库user的account表中插入两个用户的用户名和密码;
2.2 如何将php与mysql相联接?
mysql端需要设置权限,将user数据库的访问权授予findme,并且密码为findmeifyoucan.
grant select, delete on user.* to findme identified by ‘findmeifyoucan‘;
在php后端需要建立链接的代码如下:
$db = new mysqli(‘localhost‘, ‘findme‘, ‘findmeifyoucan‘, ‘user);
2.3下面分别是浏览器端和php后端的对应的代码(显示原理为主,代码尽量简化);浏览器端的html代码login.html:
<html> <head> <title>Please log in.</title> </head> <body> <form action="result.php" method="post"> Enter your user name:<br /> <input name="user" type="text" size="40" /> <br /> Enter your password:<br /> <input name="psd" type="text" size="40" /> <br /> <input type="submit" name="submit" value="search" /> </form> </body> </html>
<span style="font-size:14px;"><html> <head> <title>see if you can login</title> </head> <body> <h1>Check wether you can login in or not?</h1> <?php function check($db) { $name = $_POST["user"]; $password = $_POST["psd"]; $result = $db->query("select count(*) from account where name = '$name' and password = '$password'"); $row = $result->fetch_assoc(); if($row['count(*)'] != 0){ echo 'you login in'; }else{ echo 'you not login'; } } $db = new mysqli('localhost', 'findme', 'findmeifyoucan', 'user'); if(mysqli_connect_errno()){ echo 'Error: could not connect to database user. Please try again.'; exit; } check($db); $db->close(); ?> </body> </html></span>
原文地址:http://blog.csdn.net/bigbug_zju/article/details/42217065