当前位置:网站首页>Buuctf-[[gwctf 2019] I have a database (xiaoyute detailed explanation)
Buuctf-[[gwctf 2019] I have a database (xiaoyute detailed explanation)
2022-07-06 06:00:00 【Xiaoyute detailed explanation】
buuctf-[[GWCTF 2019] I have a database ( Xiaoyute detailed explanation )
Here I don't know why the display is garbled
Use it directly dirsearch Scan the website
Here we are phpmyadmin Catalog , Login without password succeeded .
The version number is given here MySQL database Version 4.8.1.
This version contains a file vulnerability
The principle of vulnerability is
utilize / send db_datadict.php? Become a nonexistent Directory , utilize include The directory of functions keeps jumping, trying to get flag Catalog .
payload
phpmyadmin/index.php?target=db_datadict.php?/../../../../../flag
边栏推荐
- [string] palindrome string of codeup
- Accélération de la lecture vidéo de l'entreprise
- Classes and objects (I) detailed explanation of this pointer
- H3C firewall rbm+vrrp networking configuration
- Clock in during winter vacation
- The usage and difference between strlen and sizeof
- Migrate Infones to stm32
- YYGH-11-定时统计
- C language learning notes (mind map)
- Yygh-11-timing statistics
猜你喜欢
P2802 go home
![[Jiudu OJ 07] folding basket](/img/a7/e394f32cf7f02468988addad67674b.jpg)
[Jiudu OJ 07] folding basket
IPv6 comprehensive experiment
The usage and difference between strlen and sizeof
类和对象(一)this指针详解
YYGH-11-定时统计
CoDeSys note 2: set coil and reset coil
Yunxiaoduo software internal test distribution test platform description document
Novice entry SCM must understand those things
Wib3.0 leapfrogging, in leapfrogging (ง • ̀_•́) ง
随机推荐
My 2021
Redis6 cluster setup
Request forwarding and redirection
Station B, Master Liu Er - back propagation
Migrate Infones to stm32
Software test interview questions - Test Type
Wib3.0 leapfrogging, in leapfrogging (ง • ̀_•́) ง
Gtest之TEST宏的用法
YYGH-11-定时统计
How Huawei routers configure static routes
The ECU of 21 Audi q5l 45tfsi brushes is upgraded to master special adjustment, and the horsepower is safely and stably increased to 305 horsepower
Zoom through the mouse wheel
Luogu [Beginner Level 4] array p1427 number game of small fish
误差的基本知识
First knowledge database
The ECU of 21 Audi q5l 45tfsi brushes is upgraded to master special adjustment, and the horsepower is safely and stably increased to 305 horsepower
Yunxiaoduo software internal test distribution test platform description document
Sequoiadb Lake warehouse integrated distributed database, June 2022 issue
《卓有成效的管理者》读书笔记
Classes and objects (I) detailed explanation of this pointer