SQLI-LABS
文章平均质量分 85
# SQLI-LABS
Ho1aAs
Tutte le strada portano a roma.
展开
-
特殊时间盲注——对字符进行编码,并通过正常查询获取字符_SQLI-LABS Less-62
文章目录前言一、特性Ⅰ、MySQL查询不区分大小写Ⅱ、采用编码的原因Ⅲ、MySQL字符串和数字拼接特性二、编码时间盲注的想法三、代码流程、字典变量、注入点构造、获取每一位的字符1、正则表达式获取用户名,并获取id值2、对字母的操作3、对数字的操作前言记一次特殊的时间盲注,题目来源于SQLI-LABS的Less62题目闭合单引号和括号注入,正常查询的表有13个数据,会回显查到的ID对应的记录,限定查询次数130次,需要得到:表名10字符、列名4字符、flag24字符,均为大小写、数字混合正常查询:原创 2021-04-19 14:40:38 · 415 阅读 · 0 评论 -
SQLI-LABS——Page-4 Challenges Less-54~Less65
文章目录前言题解Less-54Less-55Less-56Less-57Less-58Less-59Less-60Less-61Less-62~65完前言包含挑战Less-54~65,后面的题目因为文件缺失做不了,基于PHP7这章是类小型ctf环境,通过爆flag过关题解Less-54页面上提示flag存在challenges库,限定十次机会The objective of this challenge is to dump the (secret key) from only random原创 2021-04-17 16:49:56 · 298 阅读 · 0 评论 -
SQLI-LABS——Page-3 Stacked Injections Less-38~Less53
文章目录前言常见堆叠注入语句布尔盲注补充题解Less-38Less-39Less-40Less-41Less-42Less-43Less-44Less-45Less-46Less-47Less-48Less-49Less-50Less-51Less-52Less-53完前言常见堆叠注入语句INSERT INTO `TABLE` (COL1, COL2, ...) VALUES (VAL1, VAL2, ...)UPDATE `TABLE` SET COL1=VAL1,COL2=VAL2, ...原创 2021-04-08 21:41:33 · 303 阅读 · 0 评论 -
SQLI-LABS——Page-2 Advanced Injections Less21~Less37
文章目录前言题解Less-21Less-22Less-23 limit Comment markLess-24 change the admin's passwordLess-25 limit AND and ORLess-25aLess-26 Error based,limit AND,OR,SPACE,Comment,error basedLess-26a Blind based,adding parenthesis based 26Less-27 Error based,limit SELECT an原创 2021-04-02 15:05:25 · 295 阅读 · 0 评论 -
SQLI-LABS——Page-1 Basic Challenges Less-1~Less-20
文章目录前言题解Less-1Less-2Less-3Less-4Less-5Less-6Less-7Less-8Less-9Less-10Less-11Less-12Less-13Less-14Less-15Less-16Less-17Less-18Less-19Less-20完前言记录一下SQLI-LABS基础部分前二十题,(某些题目只爆出了库名以下是盲注tips:时间盲注报错注入布尔盲注题解Less-1最简单的单引号字符型注入,回显点有两个,注入两个group_cocnat()[原创 2021-03-28 22:14:23 · 536 阅读 · 2 评论