docker 安装 oracle数据库 搭建sql注入环境
docker 安装 oracle数据库sudo docker pull deepdiver/docker-oracle-xe-11g
docker run -d --name oracledb -p 1002:22 -p 1521:1521 deepdiver/docker-oracle-xe-11g
进入容器
docker exec -it oracledb /bin/bash链接:
sqlplus
账号/密码:
system/oracle查询实例:
select instance_name from v$instance;
navicat 链接如图
连接后,创建数据库用户BIHUO,创建用户后会自动创建数据库BIHUO
并在数据库BIHUO下创建表,如图:
配置mvn
把ojdbc6.jar 放到工程demo下
ojdbc6.jar下载地址
链接:https://pan.baidu.com/s/19YvhZ07xFIG661zr5fk2Mg?pwd=ekvk
提取码:ekvk
失效请联系 必火 微信:bihuoceo
mvn install:install-file -DgroupId=com.oracle -DartifactId=ojdbc6 -Dversion=11.2.0.2.0 -Dpackaging=jar -Dfile=ojdbc6.jar
在webapp下新建文件夹libs ,并把 ojdbc6.jar复制过来
在libs上点右键,选择Add as Library
测试代码
<%@ page language="java" import="java.util.*"pageEncoding="utf-8"%>
<%@ page import="oracle.jdbc.*"%>
<%@ page import="java.sql.*" %>
<%@ page import="oracle.sql.*" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>Oracle注入测试</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css" mce_href="styles.css">
-->
</head>
<body>
<%
Stringurl="http://"+request.getServerName()+":"+request.getServerPort()+request.getContextPath()+request.getServletPath();
Class.forName("oracle.jdbc.driver.OracleDriver").newInstance();
Statement stmt = null;
ResultSet rs=null;
String oraUrl="jdbc:oracle:thin:@192.168.100.10:1521:XE";
String oraUser="system";
String oraPWD="oracle";
try
{
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
}catch (SQLException e)
{
response.getWriter().print("filed!!");
}
try
{
Connection conn=DriverManager.getConnection(oraUrl,oraUser,oraPWD);
String sql="select * from BIHUO.\"users\" where \"id\"="+request.getParameter("id");
response.getWriter().print("执行语句:<br>"+sql+"<br>");
stmt = conn.createStatement();
rs = stmt.executeQuery(sql);
response.getWriter().print("结果为:");
response.getWriter().print("<table border='1' cellpadding='4' cellspacing='0' style='background-color:White;border-color:#3366CC;border-width:1px;border-style:None;width:203px;border-collapse:collapse;'>");
response.getWriter().print("<tr style='color:#CCCCFF;background-color:#003399;font-weight:bold;'>");
response.getWriter().print("<td>id</td><td>title</td><td>content</td>");
response.getWriter().print("</tr>");
response.getWriter().print("<tr style='color:#003399;background-color:White;'>");
while(rs.next())
{
response.getWriter().print("<td>");response.getWriter().print(rs.getString(1));response.getWriter().print("</td>");
response.getWriter().print("<td>");response.getWriter().print(rs.getString(2));response.getWriter().print("</td>");
response.getWriter().print("<td>");response.getWriter().print(rs.getString(3));response.getWriter().print("</td>");
}
response.getWriter().print("<tr>");
rs.close();
stmt.close();
conn.close();
} catch (SQLException e)
{
System.out.println(e.toString());
response.getWriter().print(e.toString());
}
%>
</body>
</html>
运行页面
页:
[1]