Shooting range environment setup:
Link: https://pan.baidu.com/s/1V_Ij9NfJzRSeYq1alSecew Extraction code: 3333
Open apache and mysql of phpstudy, put the shooting range environment in the www directory, and access 127.0.0.1/filename in the browser
Level 1:
There is no defensive measure. Enter it directly in the URL and you can directly bypass it.
<script>alert(1)</script>
Level 2:
Looking at the source code, we found value=”test”, so we need to use “> to close it, and use “> after the // comment
enter:
"><script>alert(1)</script>//
Level 3:
First enter