Web2 用 SQL 注入漏洞实战打点。
一、先用 Google hacking 搜索:inurl=
english/board/view****.php?code=</br>
---
title: GoogleHacking - SQL 注入
created: '2021-08-24T07:23:40.521Z'
modified: '2021-08-24T07:25:11.440Z'
---
# GoogleHacking - SQL 注入

以下是带查询参数的 URL 模式列表。URL 形态本身并不能说明站点存在注入,是否可注入取决于后端是否对该参数使用了参数化查询或输入校验。
about.php?cartID=</br>
accinfo.php?cartId=</br>
acclogin.php?cartID=</br>
add.php?bookid=</br>
add_cart.php?num=</br>
addcart.php?
addItem.php
add-to-cart.php?ID=</br>
addToCart.php?idProduct=</br>
addtomylist.php?ProdId=</br>
adminEditProductFields.php?intProdID=</br>
advSearch_h.php?idCategory=</br>
affiliate.php?ID=</br>
affiliate-agreement.cfm?storeid=</br>
affiliates.php?id=</br>
ancillary.php?ID=</br>
archive.php?id=</br>
article.php?id=</br>
phpx?PageID
basket.php?id=</br>
Book.php?bookID=</br>
book_list.php?bookid=</br>
book_view.php?bookid=</br>
BookDetails.php?ID=</br>
browse.php?catid=</br>
browse_item_details.php
Browse_Item_Details.php?Store_Id=</br>
buy.php?</br>
buy.php?bookid=</br>
bycategory.php?id=</br>
cardinfo.php?card=</br>
cart.php?action=</br>
cart.php?cart_id=</br>
cart.php?id=</br>
cart_additem.php?id=</br>
cart_validate.php?id=</br>
cartadd.php?id=</br>
cat.php?iCat=</br>
catalog.php</br>
catalog.php?CatalogID=</br>
catalog_item.php?ID=</br>
catalog_main.php?catid=</br>
category.php</br>
category.php?catid=</br>
category_list.php?id=</br>
categorydisplay.php?catid=</br>
checkout.php?cartid=</br>
checkout.php?UserID=</br>
checkout_confirmed.php?order_id=</br>
checkout1.php?cartid=</br>
comersus_listCategoriesAndProducts.php?idCategory=</br>
comersus_optEmailToFriendForm.php?idProduct=</br>
comersus_optReviewReadExec.php?idProduct=</br>
comersus_viewItem.php?idProduct=</br>
comments_form.php?ID=</br>
contact.php?cartId=</br>
content.php?id=</br>
customerService.php?****ID1=</br>
default.php?catID=</br>
description.php?bookid=</br>
details.php?BookID=</br>
details.php?Press_Release_ID=</br>
details.php?Product_ID=</br>
details.php?Service_ID=</br>
display_item.php?id=</br>
displayproducts.php
downloadTrial.php?intProdID=</br>
emailproduct.php?itemid=</br>
emailToFriend.php?idProduct=</br>
events.php?ID=</br>
faq.php?cartID=</br>
faq_list.php?id=</br>
faqs.php?id=</br>
feedback.php?title=</br>
freedownload.php?bookid=</br>
fullDisplay.php?item=</br>
getbook.php?bookid=</br>
GetItems.php?itemid=</br>
giftDetail.php?id=</br>
help.php?CartId=</br>
home.php?id=</br>
index.php?cart=</br>
index.php?cartID=</br>
index.php?ID=</br>
info.php?ID=</br>
item.php?eid=</br>
item.php?item_id=</br>
item.php?itemid=</br>
item.php?model=</br>
item.php?prodtype=</br>
item.php?shopcd=</br>
item_details.php?catid=</br>
item_list.php?maingroup
item_show.php?code_no=</br>
itemDesc.php?CartId=</br>
itemdetail.php?item=</br>
itemdetails.php?catalogid=</br>
learnmore.php?cartID=</br>
links.php?catid=</br>
list.php?bookid=</br>
List.php?CatID=</br>
listcategoriesandproducts.php?idCategory=</br>
modline.php?id=</br>
myaccount.php?catid=</br>
news.php?id=</br>
order.php?BookID=</br>
order.php?id=</br>
order.php?item_ID=</br>
OrderForm.php?Cart=</br>
page.php?PartID=</br>
payment.php?CartID=</br>
pdetail.php?item_id=</br>
powersearch.php?CartId=</br>
price.php</br>
privacy.php?cartID=</br>
prodbycat.php?intCatalogID=</br>
prodetails.php?prodid=</br>
prodlist.php?catid=</br>
product.php?bookID=</br>
product.php?intProdID=</br>
product_info.php?item_id=</br>
productDetails.php?idProduct=</br>
productDisplay.php</br>
productinfo.php?item=</br>
productlist.php?ViewType=Category&CategoryID=</br>
productpage.php</br>
products.php?ID=</br>
products.php?keyword=</br>
products_category.php?CategoryID=</br>
products_detail.php?CategoryID=</br>
productsByCategory.php?intCatalogID=</br>
prodView.php?idProduct=</br>
promo.php?id=</br>
promotion.php?catid=</br>
pview.php?Item=</br>
resellers.php?idCategory=</br>
results.php?cat=</br>
savecart.php?CartId=</br>
search.php?CartID=</br>
searchcat.php?search_id=</br>
Select_Item.php?id=</br>
Services.php?ID=</br>
shippinginfo.php?CartId=</br>
shop.php?a=</br>
shop.php?action=</br>
shop.php?bookid=</br>
shop.php?cartID=</br>
shop_details.php?prodid=</br>
shopaddtocart.php
shopaddtocart.php?catalogid=</br>
shopbasket.php?bookid=</br>
shopbycategory.php?catid=</br>
shopcart.php?title=</br>
shopcreatorder.php
shopcurrency.php?cid=</br>
shopdc.php?bookid=</br>
shopdisplaycategories.php
shopdisplayproduct.php?catalogid=</br>
shopdisplayproducts.php</br>
shopexd.php</br>
shopexd.php?catalogid=</br>
shopping_basket.php?cartID=</br>
shopprojectlogin.php</br>
shopquery.php?catalogid=</br>
shopremoveitem.php?cartid=</br>
shopreviewadd.php?id=</br>
shopreviewlist.php?id=</br>
ShopSearch.php?CategoryID=</br>
shoptellafriend.php?id=</br>
shopthanks.php</br>
shopwelcome.php?title=</br>
show_item.php?id=</br>
show_item_details.php?item_id=</br>
showbook.php?bookid=</br>
showStore.php?catID=</br>
shprodde.php?SKU=</br>
specials.php?id=</br>
store.php?id=</br>
store_bycat.php?id=</br>
store_listing.php?id=</br>
Store_ViewProducts.php?Cat=</br>
store-details.php?id=</br>
storefront.php?id=</br>
storefronts.php?title=</br>
storeitem.php?item=</br>
StoreRedirect.php?ID=</br>
subcategories.php?id=</br>
tek9.php?</br>
template.php?Action=Item&pid=</br>
topic.php?ID=</br>
tuangou.php?bookid=</br>
type.php?iType=</br>
updatebasket.php?bookid=</br>
updates.php?ID=</br>
view.php?cid=</br>
view_cart.php?title=</br>
view_detail.php?ID=</br>
viewcart.php?CartId=</br>
viewCart.php?userID=</br>
viewCat_h.php?idCategory=</br>
viewevent.php?EventID=</br>
viewitem.php?recor=</br>
viewPrd.php?idcategory=</br>
ViewProduct.php?misc=</br>
voteList.php?item_ID=</br>
whatsnew.php?idCategory=</br>
WsAncillary.php?ID=</br>
WsPages.php?ID=</br>
noticiasDetalle.php?xid=</br>
sitio/item.php?idcd=</br>
index.php?site=</br>
de/content.php?page_id=</br>
gallerysort.php?iid=</br>
products.php?type=</br>
event.php?id=</br>
showfeature.php?id=</br>
home.php?ID=</br>
tas/event.php?id=</br>
profile.php?id=</br>
details.php?id=</br>
past-event.php?id=</br>
index.php?action=</br>
site/products.php?prodid=</br>
page.php?pId=</br>
resources/vulnerabilities_list.php?id=</br>
site.php?id=</br>
products/index.php?rangeid=</br>
global_projects.php?cid=</br>
publications/view.php?id=</br>
display_page.php?id=</br>
pages.php?ID=</br>
lmsrecords_cd.php?cdid=</br>
product.php?prd=</br>
cat/?catid=</br>
products/product-list.php?id=</br>
debate-detail.php?id=</br>
cbmer/congres/page.php?LAN=</br>
content.php?id=</br>
news.php?ID=</br>
photogallery.php?id=</br>
index.php?id=</br>
product/product.php?product_no=</br>
nyheder.htm?show=</br>
book.php?ID=</br>
print.php?id=</br>
detail.php?id=</br>
book.php?id=</br>
content.php?PID=</br>
more_detail.php?id=</br>
content.php?id=</br>
view_items.php?id=</br>
view_author.php?id=</br>
main.php?id=</br>
english/fonction/print.php?id=</br>
magazines/adult_magazine_single_page.php?magid=</br>
product_details.php?prodid=</br>
magazines/adult_magazine_full_year.php?magid=</br>
products/card.php?prodID=</br>
catalog/product.php?cat_id=</br>
e_board/modifyform.html?code=</br>
community/calendar-event-fr.php?id=</br>
products.php?p=</br>
news.php?id=</br>
view/7/9628/1.html?reply=</br>
product_details.php?prodid=</br>
catalog/product.php?pid=</br>
rating.php?id=</br>
?page=</br>
catalog/main.php?cat_id=</br>
index.php?page=</br>
detail.php?prodid=</br>
products/product.php?pid=</br>
news.php?id=</br>
book_detail.php?BookID=</br>
catalog/main.php?cat_id=</br>
catalog/main.php?cat_id=</br>
default.php?cPath=</br>
catalog/main.php?cat_id=</br>
catalog/main.php?cat_id=</br>
category.php?catid=</br>
categories.php?cat=</br>
categories.php?cat=</br>
detail.php?prodID=</br>
detail.php?id=</br>
category.php?id=</br>
hm/inside.php?id=</br>
index.php?area_id=</br>
gallery.php?id=</br>
products.php?cat=</br>
products.php?cat=</br>
media/pr.php?id=</br>
books/book.php?proj_nr=</br>
products/card.php?prodID=</br>
general.php?id=</br>
news.php?t=</br>
usb/devices/showdev.php?id=</br>
content/detail.php?id=</br>
templet.php?acticle_id=</br>
news/news/title_show.php?id=</br>
product.php?id=</br>
index.php?url=</br>
cryolab/content.php?cid=</br>
ls.php?id=</br>
s.php?w=</br>
abroad/page.php?cid=</br>
bayer/dtnews.php?id=</br>
news/temp.php?id=</br>
index.php?url=</br>
book/bookcover.php?bookid=</br>
index.php/en/component/pvm/?view=</br>
product/list.php?pid=</br>
cats.php?cat=</br>
software_categories.php?cat_id=</br>
print.php?sid=</br>
docDetail.aspx?chnum=</br>
index.php?section=</br>
index.php?page=</br>
index.php?page=</br>
en/publications.php?id=</br>
events/detail.php?ID=</br>
forum/profile.php?id=</br>
media/pr.php?id=</br>
content.php?ID=</br>
cloudbank/detail.php?ID=</br>
pages.php?id=</br>
news.php?id=</br>
beitrag_D.php?id=</br>
content/index.php?id=</br>
index.php?i=</br>
?action=</br>
index.php?page=</br>
beitrag_F.php?id=</br>
index.php?pageid=</br>
page.php?modul=</br>
detail.php?id=</br>
index.php?w=</br>
index.php?modus=</br>
news.php?id=</br>
news.php?id=</br>
aktuelles/meldungen-detail.php?id=</br>
item.php?id=</br>
obio/detail.php?id=</br>
page/de/produkte/produkte.php?prodID=</br>
packages_display.php?ref=</br>
shop/index.php?cPath=</br>
modules.php?bookid=</br>
product-range.php?rangeID=</br>