当前位置:网站首页>Record an API interface SQL injection practice
Record an API interface SQL injection practice
2022-07-06 14:07:00 【Lazy and talented】
Catalog
0x01 Ideas :google hacking grammar asmx?wsdl
0x02 Found two interfaces And can call in different places
0x03 Grab the bag repeat Judge
To guide the A tutor
0x01 Ideas :google hacking grammar asmx?wsdl
Click on url:domain/WebServices/InboxWS.asmx
0x02 Found two interfaces And can call in different places
Firefox grabbing
test
0x03 Grab the bag repeat Judge
Four parameters plus ' newspaper nynax error It can be inferred that sql Inject
Last use sqlmap Run out sqlserver database Delay Injection
Because of the proximity here 12 The point interface service is unstable Get here first
0x04 Warehouse
sqlmap grammar
python sqlmap.py -r 1.txt --batch
python sqlmap.py -r 1.txt --dbs --batch
nudges
边栏推荐
- 【数据库 三大范式】一看就懂
- 1. Preliminary exercises of C language (1)
- 7-11 机工士姆斯塔迪奥(PTA程序设计)
- Simply understand the promise of ES6
- [MySQL table structure and integrity constraint modification (Alter)]
- Force deduction 152 question multiplier maximum subarray
- Safe driving skills on ice and snow roads
- Ucos-iii learning records (11) - task management
- Using spacedesk to realize any device in the LAN as a computer expansion screen
- 简述xhr -xhr的基本使用
猜你喜欢
.Xmind文件如何上传金山文档共享在线编辑?
Hackmyvm Target Series (3) - vues
2022 Teddy cup data mining challenge question C idea and post game summary
How to understand the difference between technical thinking and business thinking in Bi?
xray与burp联动 挖掘
Hackmyvm target series (6) -videoclub
7-5 走楼梯升级版(PTA程序设计)
WEB漏洞-文件操作之文件包含漏洞
【VMware异常问题】问题分析&解决办法
Callback function ----------- callback
随机推荐
Difference and understanding between detected and non detected anomalies
[err] 1055 - expression 1 of order by clause is not in group by clause MySQL
【数据库 三大范式】一看就懂
Xray and burp linkage mining
Ucos-iii learning records (11) - task management
实验五 类和对象
Harmonyos JS demo application development
简述xhr -xhr的基本使用
Brief introduction to XHR - basic use of XHR
Renforcer les dossiers de base de l'apprentissage
【MySQL-表结构与完整性约束的修改(ALTER)】
[VMware abnormal problems] problem analysis & Solutions
"Gold, silver and four" job hopping needs to be cautious. Can an article solve the interview?
HackMyvm靶机系列(2)-warrior
. Net6: develop modern 3D industrial software based on WPF (2)
[MySQL table structure and integrity constraint modification (Alter)]
Which is more advantageous in short-term or long-term spot gold investment?
7-3 construction hash table (PTA program design)
Only 40% of the articles are original? Here comes the modification method
1. Preliminary exercises of C language (1)