What is wide byte injection in SQL injection?

王林
Release: 2023-05-17 15:37:14
forward
1503 people have browsed it

Wide byte injection: It is a way to bypass SQL injection

1. Wide byte concept:

1. Single-byte character set: all characters are used Represented by one byte, such as ASCII encoding (0-127)

In multi-byte character sets, some characters are composed of multiple bytes, while other characters are represented by a single byte (some characters may not single byte representation).

3. UTF-8 encoding: It is an encoding method (multi-byte encoding). It can use 1~4 bytes to represent a symbol, and the byte length changes according to different symbols.

4. Common wide bytes: GB2312, GBK, GB18030, BIG5, Shift_JIS GB2312 does not have wide byte injection, and codes with wide byte injection can be collected.

5. When using wide byte injection, a feature of mysql is used. When using GBK encoding, two characters will be considered to be one Chinese character.

2. addslashes() function

1. The addslashes() function returns a string with backslashes added before predefined characters.

2. Predefined characters: single quotation mark ('), double quotation mark ("), backslash (\), NULL

3. Example

https:/ /xxxxx?name=hello'What is wide byte injection in SQL injection?

The single quotes entered were escaped and there is no way to escape

Then I looked at the page source code and request headers and found that the client encoding is gbkWhat is wide byte injection in SQL injection?

Try to enter hello�', and the console reports an error indicating that the quotation marks are not closed. The following is the js code outside the structure, and comment out the following characters to make the syntax correctWhat is wide byte injection in SQL injection?

3. Actual combat at the shooting range

1. First open the page, see the maintenance information, click in and observe that it has the id parameter, because the question is about wide byte injectionWhat is wide byte injection in SQL injection?

2. Directly enter the classic bypass method of wide byte injection: �', and you will see the error page,What is wide byte injection in SQL injection?

3. Directly modify the id parameter in SQLmap for regular detectionWhat is wide byte injection in SQL injection?

4. The password is encrypted by MD5. After decryption, you can get the login password. After logging in, you will get the KEYWhat is wide byte injection in SQL injection?

The above is the detailed content of What is wide byte injection in SQL injection?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
sql
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!