TAIWAN
2003-11-23, 10:01 PM
使用 phpBB 架站必讀 SQL INJECTION in phpBB Profile.PHP
http://www.phpbb.com/
phpbb have a list of registereds users, when you click on a memebr of this list, you \ are requesting data to the database
for example:
http://www.example.com/forum/profile.php?mode=viewprofile&u=2
this url show the information to the user with the uid = 2, the uid is a number \ assigned to users in phpbb.
but it isn't secure, because if you use this url, you can inject sql comands...
exploit:
http://www.example.com/profile.php?mode=viewprofile&u='[sqlcode]
where [sql code] represents the code may be injected.
贊助商連結
http://www.phpbb.com/
phpbb have a list of registereds users, when you click on a memebr of this list, you \ are requesting data to the database
for example:
http://www.example.com/forum/profile.php?mode=viewprofile&u=2
this url show the information to the user with the uid = 2, the uid is a number \ assigned to users in phpbb.
but it isn't secure, because if you use this url, you can inject sql comands...
exploit:
http://www.example.com/profile.php?mode=viewprofile&u='[sqlcode]
where [sql code] represents the code may be injected.
贊助商連結