Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ MySQL concat function is SQL injection     - Online booking shocking information leakage risk, you dare book the tickets online? (Linux)

- How to use the ps command to monitor progress in the implementation of Linux commands (Linux)

- Ubuntu install video conversion tool Selene (Linux)

- Learning Linux coding style (Programming)

- Getting Started with Linux system to learn: how to get the process ID (PID) in the script (Linux)

- Manually compile Hadoop 2.6.0 under Ubuntu 14.04 (Server)

- Intel Graphics Installer 1.0.3 released, support for Ubuntu (Linux)

- Linux Operating System Security Management describes the top ten tricks (Linux)

- Android Studio interface-related settings (Linux)

- C # assembly calls across constants, variables and functions (Programming)

- Linux Network Security Tips Share (Linux)

- Linux Shell Scripting (Programming)

- DIY security of Linux platform (Linux)

- Vagrant Getting Start (Linux)

- Kubernetes (k8s) environment to build combat (Server)

- Linux, grep, sed usage (Linux)

- mysql_config_editor encryption and decryption of the new features of MySQL realization (Database)

- Android project and coding specifications (Programming)

- Java Timer (regular calling, to achieve a fixed time to perform) (Programming)

- Linux raw socket (Programming)

  MySQL concat function is SQL injection
  Add Date : 2017-01-08      
  SQL injection statements sometimes use an alternate query technology, it is to make the results of the original query finding mistakes, and let's have constructed query execution, and the execution results instead of the original query query results are displayed.
For example: the original query is select username, email, content from test_table where user_id = uid; where uid, is entered by the user. Results appear normal display the user name, the user's mailbox, the user message content. However, if the filter uid lax, we can construct the following SQL statement to obtain any data table information.
uid = -1 union select username, password, content from test_talbe where user_id = administrator id;

The actual implementation is select username, email, content from test_table where user_id = -1 union select username, password, content from test_talbe where user_id = administrator id; which displays a normal user emai place, became the administrator's password.

But often things are not so simple, first of all to find loopholes, followed by construction of such a statement when you want to consider the type of each field, so int or samllint type varchar field displays clearly inappropriate. This article is the final say.

If a problem occurs in SQL statements only one or two fields how do we want to know a lot of things, one or two fields too small, can not meet our needs. Then we can use concat function.

concat function could have been so used SELECT CONCAT ( 'My', 'S', 'QL'); execution result is 'MySQL'. Which is connected to the role. We use it to serve us,

uid = -1 union select username, concat (password, sex, address, telephone), content from test_talbe where user_id = administrator id;

This statement actually query the six fields, but the time is displayed, the password, sex, address, telephone and other fields together, displayed in the original email should show place.
- Android Studio simple setup (Linux)
- NFS installation process under the CentOS (Linux)
- MySQL performance view and configure finishing Daquan (Database)
- Python type way of comparison (Programming)
- Linux keyboard recording script (Linux)
- Matters Oracle 11.2 single instance when connecting ASM need to pay attention and deal with the problem (Database)
- How to use the process on the desktop xkill end Linux (Linux)
- Python Django direct implementation of sql statement (Programming)
- Live Wallpaper for Linux release adds dynamic background (Linux)
- Install Web-based monitoring tool: Linux-Dash (Server)
- Linux / proc directory Comments (Linux)
- ORA-30926 and MERGE tables empty the temporary occupation problem (Database)
- What is a logical partition management LVM, how to use in Ubuntu (Linux)
- MySQL Installation Troubleshooting (Database)
- HBase cluster installation and deployment (Server)
- The Linux role of each directory contents (Linux)
- 10 tips daily Docker (Server)
- OpenSSL Introduction and compilation steps on Windows, Linux, Mac systems (Linux)
- Depth understanding of C language (Programming)
- Dialogue UNIX:! $ # @ *% (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.