详细手工注入（Detailed manual injection）.docVIP

详细手工注入（Detailed manual injection） 1, add single quotes to submit, Results: if there is an error prompt, the site might have an injection vulnerability. 2, digital judgment whether there is injection; statements: and 1=1; and 1=2 (Classic), and1=1 (character type) Results: different pages were returned to indicate the presence of injection vulnerabilities Analysis: and means and if we did not filter statement, and 1=1 will be substituted into SQL query query, if the two statement before and after and were true will not go wrong, but if there is a false statement before and after the storm, the program will be wrong. It also indicates that the program has injection holes Injection prevention solution: 1 uses or 21; or 12 to judge Results: different pages were returned to indicate the presence of injection vulnerabilities Analysis: or injection only requires two statements before and after, as long as there is a correct, it is true, if two statements are correct, but false. Remember: when or is injected, if the statement after or is correct, the error page is returned! If it is wrong, return the correct page to indicate the presence of the injection point. 2 uses XOR 1=1; XOR 1=2 Results: different pages were returned to indicate the presence of injection vulnerabilities Analysis: XOR stands for XOR, meaning that the connected expression is true only when one is true. Remember: when XOR is injected, if the statement after XOR is correct, the error page area is returned. If it is wrong, the correct page is returned to indicate the presence of the injection point. 3 converts and 1=1 into URL encoded form and then submits the and 1=1 URL encoding:%41%4E%44%20%%31%3D%31 4 uses -1; -0 Analysis: if you return to the front page and different, is another piece of news, said that injection vulnerability is numeric injection; in the URL address followed by -0, URL into news.asp? Id=123-0, to return to the page and in front of the same page, plus -1, returns an error page, also s