当前位置:网站首页>SQL injection 2

SQL injection 2

2022-07-06 20:17:00 Fan Pei West

Blind note

What should we do when our injection statement is brought into the database query but nothing is returned ? for example
Insert picture description here
Insert picture description here

Boolean type sql Blind note
substr() function
substr(string,start,length)
string( It's necessary ) Specifies that a part of the string to be returned .start( It's necessary ) Specify where to start the string .length( Optional ) Specifies the length of the returned string .
Insert picture description here
Insert picture description here
The following results 1 It's true ,0 For false
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Manual blind injection is usually not used in actual operation , have access to sqlmap And other tools to increase the efficiency of blind Injection .

Time type sql Blind note
Enter last vince’ and ascii(substr(database(),1,1))=112#, The returned information finds that there is no injection point . Then you can't inject ? But in fact, it can be injected through the execution time of the back end .
Insert picture description here
Insert picture description here
Insert picture description here
Then you can use tools to measure

Wide byte Injection

Premise :mysql The coding set of is gbk And magic quotation mark escape is checked
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here
Insert picture description here

原网站

版权声明
本文为[Fan Pei West]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/02/202202131226249357.html

边栏推荐

猜你喜欢

随机推荐