Tag: blind

metinfo_5.0.4 boolean blind exp

metinfo_5.0.4 Boolean blind injection script Network disk link Extraction code: dx2o Boolean blind injection judgment basis successful request http://10.9.47.148/metinfo_5.0.4/about/show.php?lang=cn &id=22 and 1=1 failed request http://10.9.47.148/metinfo_5.0.4/about/show.php?lang=cn & amp;id=22 and 1=2 Using blind injection script Startup script python metinfo_booleanBasedBlind.py Explode database name and table name Enter the target IP and automatically blast the current database name and […]

LINUX Talk (Spend 10 minutes to learn blind box knowledge points) (perror, O_CREAT|O_RDWR, S_IRWXU, lseek, dup, system, struct stat statbuf, regular file bits)

ok friends, without further ado, let’s take a look at the code below! First question: if(fd1< 0) { perror(“open :”); printf(“errno is:%d \ “,errno); This code is used to handle the situation where the file fails to open: The open() function will return a non-negative file descriptor when the file is successfully opened, and -1 […]

sqli-labs level 5 (blind error reporting based on single quotes enclosed by get submission) ideas for passing the level

Article directory Preface 1. Review the knowledge points from previous levels 2. Knowledge you need to know about the fifth level of the shooting range 1. What is a blind bet? 2. How many categories are blind bets divided into? 3. Related functions used for error injection 3. Ideas for the fifth level of the […]

MySQL Sqli-labs less5 blind injection

Reference: Sqli-labs less 5: https://www.cnblogs.com/lcamry/p/6122257.html 12 types of error injection + universal statements: https://www.jianshu.com/p/bc35f8dd4f7c Common functions in SQL injection: https://www.jianshu.com/p/146cabe5959d sqli-labs-Less5 Learn about various error injections: https://blog.csdn.net/rfrder/article/details/108674217 https://blog.csdn.net/m0_47470899/article/details/118695774 https://blog.csdn.net/like98k/article/details/79436463 Detailed explanation of double query injection: https://blog.csdn.net/Leep0rt/article/details/78556440 principle: The function comes from the xiaodi day 16 document: like ‘ro%’ #Judge whether ro or ro… is true […]

Bugku sql injection Boolean-based SQL blind injection classic question where information filtering

Table of Contents Bypass spaces /**/Bypass () bypass Enter to bypass ·(key button) bypass equal sign bypass Bypass, (comma) use substr There are basic bypasses below Comment bypass /**/Bypass #Bypass /*Comment content*/Bypass //comment bypass Case bypass Bypass information filtering Simple blast table name bugku Boolean-based SQL blind injection_bugku Boolean-based SQL blind injection-CSDN blog The questions […]

Reproduction of python script for sql blind injection

SQL injection blind injection operation Recently, when I was studying SQL injection, I was more interested in the gameplay of blind injection. I wrote some python scripts about blind injection. This environment is for the eighth level of sqlilabs. Similar modifications can be made in other scenarios. 1. Exploding database length payload:’ and length(database())={<!– –>}– […]

SQL manual blind injection – error echo

Software used: phpstudy (MySQL5.7.26, PHP5.3.29), sqli-labs shooting range, Burp Suite, Google Chrome, win11 Functions used for error reporting and echoing updatexml() extractvalue() Shooting range drill Step 1 – Determine whether to use single quotes or double quotes. Step 2 – Guess the column name Step 3 – Blind injection using extractvalue() function Step 4 – […]