0x01 Preface In the field of computer security, the danger of a vulnerability is often closely related to its breadth and potential attack methods. Today we’ll take a deep dive into an incredibly dangerous vulnerability that exists in a common function called “exit” that is executed when a program exits. Whether in the operating system […]
Tag: blind
A brief discussion on Boolean blind injection (sqli-labs less-8)
I have been doing Boolean blind injection questions for the past two days (for example: sqli-labs less-8). I am almost sick. It is too troublesome to try characters one by one. I have found several Boolean blind injection scripts on the Internet, and they are all similar. I have studied them. After a while, I […]
Memory Exploitation: Late Blindless and Inescapable Exit Vulnerabilities
0x01 Preface In the field of computer security, the danger of a vulnerability is often closely related to its breadth and potential attack methods. Today we’ll take a deep dive into an incredibly dangerous vulnerability that exists in a common function called “exit” that is executed when a program exits. Whether in the operating system […]
dvwa–sql blind injection
Statement: This article is limited to security technology exchanges and is prohibited from being used in illegal ways. Readers who commit actions that endanger network security are responsible for the consequences and have nothing to do with the author! Article directory Statement: This article is limited to security technology exchanges and is prohibited from being […]
7. DVWA–SQL Blind Injection
Article directory I. Overview 2. low 2.1 Ideas for clearing levels (Boolean blind injection) (1) Determine whether there is a SQL injection vulnerability (2) Determine whether it is a numeric injection or a character injection (3) Determine the number of fields in the result set (4) Guess the length of the database name (5) Guess […]
[Multi-threading] Implementation of Timer task timer and solution to atomic problems such as blindness
Table of Contents 1. Timer 2. Timer in the standard library 3. Code implementation 4. Deadlock 1. Timer The timer in the code usually executes the corresponding code logic at a certain time. 2. Timer in the standard library public static void main(String[] args){ Timer timer = new Timer(); timer.schedule(new TimerTask() { @Override public void […]
“Development Practice” 12 | Exception Handling: Don’t let yourself become blind when something goes wrong
12 | Exception handling: don’t let yourself become blind when something goes wrong Common mistakes in catching and handling exceptions The “unified exception handling” approach is exactly the first mistake I want to make: Not considering exception handling at the business code level, but only roughly catching and handling exceptions at the framework level.To understand […]
Exercise: Error injection, Boolean blind injection, delayed injection, stacked query
Table of Contents 1. Error injection exercise 2. Boolean Blind Injection Practice 3. Delayed injection practice 4. Stacked query exercise 1. Error injection exercise Requirement: Obtain the website backend administrator account password through error injection method. 1.Lookup table name http://192.168.5.140/cms/show.php?id=33 and updatexml(1,concat(0x5e,(select database()),0x5e),1) 2. Query the number of tables in the database http://192.168.5.140/cms/show.php?id=33 and updatexml(1,concat(0x5e,(select […]
P3_SQL injection_blind injection
Generally use script or sqlmap for blind injection~ Blind injection is a method when the page has no available text to return content. The content of the string is judged bit by bit through the true and false status of the page or the execution of the sleep() function. The main types of blinds are: […]