Disclaimer: Photos from the tutorial screenshots have learned
- Suitable token / random number / codes
1. principle is to use the tool to obtain the token value before each injection. Here every refresh token values are not the same.
2. Super packet to catch sql injection tool
3. Place the bag into the token caught in the
4. find what the position where the token, look at what is around characters
5. Enter the start character and end character
6. First click encodes a marker that is</Encode>
, Y is the keyword% 'type search is here injected (specifically see separate blog: sql entry).
7. # inject # flag is injected, for example, originally and 1 = 1, would be replaced after implanting labeled # inject #, then mark the position of the token random value, but also remember commented bars</Encode>
8. The process results in FIG.
- Each injection will first obtain the token before, pay attention to only single-threaded, not multi-threaded, or token data will be chaos