Shulou(Shulou.com)05/31 Report--

How to deeply analyze the wide-byte sql injection? in order to solve this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible method.

Basic concept

Wide bytes are relative to single bytes such as ascII; GB2312, GBK, GB18030, BIG5, Shift_JIS and so on are all common wide bytes, but there are actually only two bytes

GBK is a kind of multi-character coding. Generally speaking, one gbk encodes Chinese characters and takes up 2 bytes. A utf-8-encoded Chinese character that occupies 3 bytes

Escape function: in order to filter some data entered by the user, special characters are escaped with a backslash "\"; the escaped function addslashes,mysql_real_escape_string,mysql_escape_string in Mysql, and another is to configure magic_quote_gpc, but this feature has been removed in the higher version of PHP.

Wide byte injection

Let's first take a look at the implementation process of SQL:

1. Take the php client as an example, after the user enters the data, the sql statement is generated and sent to the server through the default encoding of php.

When default_charset encoding is not enabled in php, the default encoding of php is empty.

At this point, php automatically determines which encoding to use based on the encoding in the database, and you can use the

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.