(陇剑杯 2021) SQL注入系列
Charmersix
  2022-04-29 00:00:00 2022-04-29 00:00   2023-04-20 21:47:09   115 Words  1 Mins  

(1)

第一题,看SQL注入的语句,很明显是布尔盲注的特征

(2)

这题更没劲,根据我的经验,流量分析倒着看就对了

(select%20flag%20from%20sqli.flag),43,1)%20=%20’+’,1,(select%20table_name%20from%20information_schema.tables)

数据库名#表名#字段名显而易见

(3)

将日志导入excel,筛选返回长度479 480 481 482

然后再拿word替换一下,得到

flag{deddcd67-bcfd-487e-b940-1217e668c7db}

当然也可以写个脚本

  • Post title: (陇剑杯 2021) SQL注入系列
  • Post author: Charmersix
  • Create time: 2022-04-29 00:00:00
  • Post link: 2022/04/29/SQLflow/
  • Copyright notice: All articles in this blog are licensed under BY-NC-SA unless stating additionally.
 Comments
  1. 1. (1)
  2. 2. (2)
  3. 3. (3)