目前应该还没法用
参考(照搬了不少其实)了大佬的代码终于正常运行了,代码的问题估计比代码还多
还是有不少语法错误,这次真能用了
结构:
sqltry/
├── docker-compose.yml
├── Dockerfile
└── web
    ├── db.sql
    └── index.php
index.php:
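<?php
// "veryeasysql": a deliberately injectable lookup form used as a SQL-injection
// exercise. The string-built query further down is the point of the challenge
// and is kept as written; everything else is tightened so the exercise stays
// limited to that one weakness.

// session_start() must run before any output is sent, otherwise the session
// cookie header cannot be set. The session is not used elsewhere in this file.
session_start();
?>
<html>
<head>
    <title> veryeasysql </title>
    <meta charset="UTF-8">
    <link rel="stylesheet" type="text/css" href="./index.css">
    <style>body{height:100%}</style>
</head>
<body>
<div class="index_01">
    <table style="width:100%;height:100;">
        <tr>
            <table width=350 height=230 class="index_table">
                <form method="POST" action="index.php" name="check">
                    <tr style="font-size: 25px;">
                        <td colspan="2" style="font-size: 35px;">查询</td>
                    </tr>
                    <tr>
                        <td style="font-size: 25px;">账号</td>
                        <td><input type="text" name="uid" placeholder="请输入账号" style="width:180px;font-size: 20px;border-radius: 8px;"></td>
                    </tr>
                    <tr>
                        <td style="font-size: 25px;">密码</td>
                        <td><input type="password" name="password" placeholder="请输入密码" style="width:180px;font-size: 20px;border-radius: 8px;"></td>
                    </tr>
                    <tr>
                        <td colspan="2">
                            <input type="submit" name="submit" value="submit" class="btn">
                        </td>
                    </tr>
                </form>
            </table>
        </tr>
    </table>
</div>
</body>
</html>
<?php
// Read the submitted fields without raising "undefined index" notices on a
// plain GET, and reject non-string values (e.g. uid[]=...) up front.
$id = $_POST['uid'] ?? '';
$password = $_POST['password'] ?? '';

// Validate before touching the database: the original ran the query first and
// only then checked for empty input.
if (!is_string($id) || !is_string($password) || $id === '' || $password === '') {
    echo "账号密码不能为空";
    exit;
}

// NOTE(review): the application connects as MySQL root with a hard-coded
// password. A dedicated account holding only SELECT on kali.users would keep
// the exercise confined to reading this one table.
$conn = mysqli_connect("127.0.0.1", "root", "root", "kali");
if (!$conn) {
    // The procedural mysqli_connect() returns false on failure, so the error
    // text has to come from mysqli_connect_error(), not from $conn.
    die("数据库连接失败" . mysqli_connect_error());
}

// INTENTIONAL WEAKNESS (the challenge itself): user input is interpolated
// straight into the SQL text. In any non-exercise code this must be a prepared
// statement (mysqli_prepare + bind_param), and the password column should hold
// password_hash() output checked with password_verify(), not cleartext.
$sql = "select * from users where username='$id' and password='$password'";

// The statement is echoed as a teaching aid. It contains raw user input, so it
// is HTML-escaped to avoid adding an unintended reflected-XSS sink.
echo htmlspecialchars($sql, ENT_QUOTES, 'UTF-8');

$result = mysqli_query($conn, $sql);

if ($result) {
    // Fetch only after the query is known to have succeeded; calling
    // mysqli_fetch_row() on false raises a warning (a TypeError on PHP 8).
    $row = mysqli_fetch_row($result);
    if ($row) {
        // Column index 1 is `password` in the users table created by db.sql.
        echo 'password:' . htmlspecialchars((string) $row[1], ENT_QUOTES, 'UTF-8');
        echo "<br>";
        echo "<br>";
    } else {
        echo "账号不存在或密码错误";
        echo "<br>";
        echo "<br>";
    }
} else {
    // The raw database error is shown to the player on purpose; a production
    // page would log it server-side and return a generic message instead.
    echo "出错:" . htmlspecialchars($conn->error, ENT_QUOTES, 'UTF-8');
}
?>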
docker-compose.yml:
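# Compose definition for the single-container SQL-injection exercise.
version: "3"
services:
  web:
    build: .
    image: sqli
    ports:
      # Publishes the intentionally vulnerable app on port 400 of every host
      # interface. For local-only testing, bind it to loopback instead
      # ("127.0.0.1:400:80") so it is not reachable from the network.
      - "400:80"
    deploy:
      # NOTE(review): whether these limits are enforced depends on the Compose
      # implementation; the legacy docker-compose ignores `deploy` outside
      # swarm mode unless started with --compatibility. Confirm they apply.
      resources:
        limits:
          cpus: '0.50'
          memory: 512M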
Dockerfile:
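# Image for the SQL-injection exercise: nginx + MySQL + PHP 7.4 base, with the
# challenge page copied into the web root and the database seeded at build time.
FROM ctfhub/base_web_nginx_mysql_php_74

COPY web /var/www/html

# Start MySQL temporarily, load the schema and seed rows, then hand the web
# root to the web-server user.
# db.sql is deleted afterwards: COPY above places it under the document root,
# where it could be fetched as a static file and would disclose the seeded flag
# without solving the challenge (unless the base image already removes it at
# startup; that is not visible from this file).
# NOTE(review): `sleep 5s` assumes mysqld is accepting connections within five
# seconds; on a slow builder the import step can fail.
RUN sh -c 'mysqld_safe &' \
    && sleep 5s \
    && mysql -uroot -proot -e "source /var/www/html/db.sql" \
    && rm -f /var/www/html/db.sql \
    && chown -R www-data:www-data /var/www/html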
db.sql:
-- Schema and seed data for the SQL-injection exercise.
-- Creates the `kali` database that index.php connects to.
CREATE DATABASE IF NOT EXISTS kali;
USE kali;

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
SET time_zone = "+00:00";

-- Single lookup table queried by index.php.
-- `password` holds cleartext values because the admin row's value is the
-- challenge flag; a real credentials table would store password hashes.
CREATE TABLE `users` (
  `username` varchar(10) NOT NULL,
  `password` varchar(30) NOT NULL,
  PRIMARY KEY (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

-- Seed rows: the flag-bearing admin account plus three filler accounts.
INSERT INTO `users` (`username`, `password`) VALUES
  ('admin', 'flag{123abc#}'),
  ('xin', 'DALLAS'),
  ('SALES', 'CHICAGO'),
  ('OPERATIONS', 'BOSTON');

COMMIT;
难度也变得非常智障