当前位置:网站首页>Week6 weekly report

Week6 weekly report

2022-07-06 07:07:00 With stars in your eyes

subject wp

 [ Geek challenge 2019]EasySQL

[ Geek challenge 2019]EasySQL_m0_62092622 The blog of -CSDN Blog Turn on the target , When you see the page, just type , Prompt password error Try adding a semicolon to indicate the existence SQL Try injecting universal password flag There is , It's really a simple question https://blog.csdn.net/m0_62092622/article/details/122888355?spm=1001.2014.3001.5502[ Strong net cup 2019] Note casually

[ Strong net cup 2019] Note casually _m0_62092622 The blog of -CSDN Blog Input quotation marks after opening the target , The error report indicates that there is SQL Inject and then enter the universal password 1' or 1=1#, All data in the table is returned , But unlike the previous question flag, You can't input every question like that 1' union select 1,2,3#, Found that the web page is filtered select Wait for a series of keywords , And you can't Bypass Stack Injection by case ( Stack injection principle : stay sql in , A semicolon indicates the end of a statement . If you add a statement after the semicolon , This statement can also be executed , Continue to add a semicolon and a statement , In this way, multiple statements can be executed in one database call ) Input 1'; show thttps://blog.csdn.net/m0_62092622/article/details/122888682?spm=1001.2014.3001.5502

[ Geek challenge 2019]LoveSQL

[ Geek challenge 2019]LoveSQL_m0_62092622 The blog of -CSDN Blog Enter a random number first , Show the password error. Try adding single quotation marks after the user name to indicate that it exists SQL Input universal password 1' or 1=1# I got the account password and tried to decrypt the string of passwords without success , So, in accordance with the SQL Injection continue , First query the number of table columns when entering 1' order by 4# when , Page error reporting , The description table has three columns, and then query the display bit 1' union select 1,2,3# Query user database and version 1' union select 1,2,concat_ws('~',database(),user(),version())# check ...https://blog.csdn.net/m0_62092622/article/details/122899086?spm=1001.2014.3001.5502

[ Geek challenge 2019]BabySQL

[ Geek challenge 2019]BabySQL_m0_62092622 The blog of -CSDN Blog https://blog.csdn.net/m0_62092622/article/details/122899398?spm=1001.2014.3001.5502

[ Geek challenge 2019]HardSQL

[ Geek challenge 2019]HardSQL_m0_62092622 The blog of -CSDN Blog Open questions :https://blog.csdn.net/m0_62092622/article/details/122899713

Experience

        I have been writing questions this week , When writing questions, I found that we should not only learn knowledge , Also know how to use , And problem solving ideas , And the use of tools can get twice the result with half the effort ,sqlmap I haven't learned how to use , I plan to study next week , By the way, what other tools are there . Next week is the last week of the holiday , But prepare for the driving test , Probably busy , For the time being, write according to the arranged topic , And learn about traffic analysis , If there is still time next week , Just write more questions , Prepare for the opening examination !

原网站

版权声明
本文为[With stars in your eyes]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/02/202202131944124987.html

边栏推荐

猜你喜欢

随机推荐