帮助查找此 MySQL 页面中的安全漏洞?

发布于 2024-08-23 04:57:16 字数 898 浏览 10 评论 0原文

我正在尝试查找 MySQL 页面中的安全漏洞。这是学习 SQL 的班级作业。通过文本框,他们将有权访问数据库以提交查询并查看它是否返回正确的数据集。我想知道他们是否可以做任何恶意的事情。

这是 SHOW GRANTS 查询的结果:

Grants for user@localhost
GRANT USAGE ON *.* TO 'user'@'localhost' IDENTIFIED BY PASSWORD 'the password'
GRANT SELECT ON `server\_dir`.* TO 'user'@'localhost'
GRANT SELECT ON `server\_dir\_ans`.* TO 'user'@'localhost'

有人能解释一下这些 GRANT 语句的含义吗?什么是*.*GRANT USAGE?我还能对这个网站做些什么来破坏它?

该网站本身是用 PHP 编写的。

作为对 The Rook 的回应,当我执行:

UPDATE mysql.user set Password = password("hacked");
FLUSH PRIVILEGES;

我得到:

Error Number: 1142. UPDATE command denied to user 'user'@'localhost' for table 'user'
Error Number: 1227. Access denied; you need the RELOAD privilege for this operation

正如我所想,用户似乎缺乏执行此操作所需的权限。或者我误解了什么?

I am trying to find security flaws in a MySQL page. It is an assignment for a class learning about SQL. Through a textbox, they will be given access to a database to submit queries and see if it returns the correct data sets. I want to find out if there's anything malicious they could do.

This is the result of a SHOW GRANTS query:

Grants for user@localhost
GRANT USAGE ON *.* TO 'user'@'localhost' IDENTIFIED BY PASSWORD 'the password'
GRANT SELECT ON `server\_dir`.* TO 'user'@'localhost'
GRANT SELECT ON `server\_dir\_ans`.* TO 'user'@'localhost'

Can someone explain what these GRANT statements mean? What is *.* and GRANT USAGE? What else can I do to this site to break it?

The site itself is written in PHP.

In response to The Rook, when I execute:

UPDATE mysql.user set Password = password("hacked");
FLUSH PRIVILEGES;

I get back:

Error Number: 1142. UPDATE command denied to user 'user'@'localhost' for table 'user'
Error Number: 1227. Access denied; you need the RELOAD privilege for this operation

As I thought, it appears that the user lacks permissions necessary to do this. Or am I misunderstanding something?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

阳光的暖冬 2024-08-30 04:57:16

*.* 表示所有数据库上的所有表。

安全缺陷在 php 中比在 msyql 中更常见,请参阅此 Wikipedia 文章了解常见问题:SQL注射

GRANT USAGE 表示没有权限

*.* means all tables on all databases.

The flaws in security will happen more in the php than in the msyql, see this Wikipedia article for common issues: SQL Injection.

GRANT USAGE means no privileges.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文