Discuss / Java / 注入的恒等式~~~
Back

注入的恒等式~~~

Topic source

_崔先生_

#1 Created at ... [Delete] [Delete and Lock User] 
让 name = "bob' OR pass=", pass = " OR ''='"  你会得到所有的数据,放到老师的例子中也是成立的

祈祷明天对你也是美好的

#2 Created at ... [Delete] [Delete and Lock User]

试试这个:

String name = "admin'; DROP TABLE user; --";

  • 1

Reply