* @version 1.0 * @copyright Copyright (C) Ralfe Poisson 2008 * @package SQLinjection * * ------------------------------------------------------------------- * * TABLE Layout : * myqsl> CREATE TABLE `users` * ( * `user` varchar(255) NOT NULL default '', * `pass` varchar(255) NOT NULL default '' * ); * * ------------------------------------------------------------------- * */ # ========================================================================= # SCRIPT SETTINGS # ========================================================================= $mysql_host = "apt-etude.com"; $mysql_user = "sql_inject"; $mysql_pass = "sql1Nj3ct"; $mysql_db = "mysql_hacks"; $mysql_table = "users"; $cur_page = "sql_inject.php"; # ========================================================================= # DISPLAY FUNCTIONS # ========================================================================= function display() { # Global Variables global $cur_page; # Display Login Form ?> SQL Injection Attack Demo

SQL Injection Attack Demo

Username :
Password :
$user.
\n"; print "Try Again\n"; } else { print "Error : Invalid Username and Password.
\n"; print "Back\n"; } } function query($sql) { # Global Variables global $mysql_host, $mysql_user, $mysql_pass, $mysql_db, $cur_page; # Connect To Database $link = mysql_connect($mysql_host, $mysql_user, $mysql_pass) or die("Error : Could not connect to MySQL server."); # Select Database mysql_select_db($mysql_db, $link) or die("Error : Could not USE $mysql_db database."); # Execute Query print "
$sql


\n";; $result = mysql_query($sql); # Handle Errors $err = mysql_error(); if (strlen($err)){ print "DB Error : $err.
"; print "Try Again\n"; die(); } # Return Result Set return $result; } # ========================================================================= # ACTION HANDLER # ========================================================================= if (isset($_GET['action'])){ $action = $_GET['action']; if ($action == "display"){ display(); } else if ($action == "process"){ process(); } else { print "Error : Invalid action `$action`.
"; } } else { display(); } # ========================================================================= # THE END # ========================================================================= ?>