Skip to content

makarov328/sql-inject-demo

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.mvn/wrapper
.mvn/wrapper
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pom.xml
pom.xml
 
 

Repository files navigation

练习SQL注入的靶子项目

练习SQL注入的时候总不好去搞别人的网站,于是就写了个小东西暴露一个有SQL注入的接口,攻击这个接口就可以啦。

http://localhost:8080/user/login?username=foo&passwd=bar

所用技术栈

Spring Boot + Spring MVC + JdbcTemplate

mysql建表语句

DROP DATABASE IF EXISTS sql_inject_demo;
CREATE DATABASE sql_inject_demo;
USE sql_inject_demo;

DROP TABLE IF EXISTS t_user;
CREATE TABLE t_user(
    id BIGINT PRIMARY KEY AUTO_INCREMENT,
    username VARCHAR(100) COMMENT '用户名',
    passwd CHAR(32) COMMENT '密码'
) CHARSET UTF8;

INSERT INTO t_user (username, passwd) VALUES ('admin', MD5('admin'));

About

一个用来练习SQL注入的靶子项目

www.cnblogs.com/cc11001100/p/7634049.html

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 37.7%
  • Shell 35.2%
  • Batchfile 27.1%