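This challenge tests the Gopher protocol, SSRF vulnerabilities and time-based blind SQL injection: the Gopher protocol is used to build the SSRF request, and time-based blind SQL injection is used to probe the data in the database. The Gopher protocol itself does not directly support the HTTP POST method, but a POST request can be sent by having a Gopher client emulate an HTTP request, used as follows: gopher://127.0.0.1:80/_POST / HTTP/1.1 Host: 127.0.0.1 Content-Lengt...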
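xctf very_easy_sql Easy, my foot; I still only managed it after reading someone else's writeup. Couldn't be bothered to dig it out myself, the approach comes entirely from very_easy_sql Table of contents very_easy_sql Using the gopher protocol together with SSRF Constructing the payload SQL injection very_easy_sql The home page returns no output; viewing the source first shows a comment mentioning use.php. There is also the line "you are not an inner user, so we can not let you have identify~." which means...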
ailx10: xctf-very_easy_sql (Gopher protocol, SSRF vulnerability and time-based blind SQL injection) ailx10: xctf-Background_Management_System (second-order injection, SSRF, Gopher protocol)
p.interactive() easywasm The WASM module is used to perform operations with the help of the outside layer. Reversing the module, we could easily find a buffer overflow caused by strcpy. Since the module imports __emscripten_run_script, we could overwrite the function pointer (which is actually a...
phpmysql_connect("localhost","root","root");mysql_select_db("test");mysql_query("set names utf8");for($i=0;$i<256;$i++){$c=chr($i);$name=mysql_real_escape_string('hehe'.$c);$sql="SELECT * FROM `name` WHERE `name` = '{$name}'";$row=mysql_fetch_array(mysql_query($...
Abuse MSSQL Servers Enumerate MSSQL Instances: Get-SQLInstanceDomain Check Accessibility as current user: Get-SQLConnectionTestThreaded Get-SQLInstanceDomain | Get-SQLConnectionTestThreaded -Verbose Gather Information about the instance: Get-SQLInstanceDomain | Get-SQLServerInfo -Verbose ...