After a few days of CTF injection challenges I had become familiar with some techniques, so I tried bypassing Safedog and found it unexpectedly simple. This post mainly records the current Safedog bypass method; it may stop working after a while anyway... No explanation, just a record. The principles are mostly covered in previous blog posts.

Experimental environment

* windows server 2008
* phpstudy
* Safedog V4.0.2395

Preparation before the experiment

* Start phpstudy. This differs slightly from before: because Safedog is installed, phpstudy has to run in system service mode, so select that mode and click Apply.

* Download the latest Safedog from the official website and install it directly, namely 4.0.

Injection

* Identify the injection point. Entering a single quote produces an error.

Appending -0 and -1 changes the page, although `and 1=1` triggered a detection prompt.
But xor also showed that the page changes, which indicates that this page is injectable and that it is an integer-type injection.
xor 1
xor 0

* Use order by to determine the number of columns: 15 is normal, 16 reports an error, so the number of columns is 15.

* Union query to determine the echo position.

* Query the database and user name. Why not version? Because I really couldn't get around it; someone tell me....

* Query the tables.

* Query the columns.

* Dump the column values.

* Done.
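
Seen from the defender's side, the probe sequence recorded above (single quote, -0/-1, xor 1/xor 0, order by 15/16) shows up in the access log as a run of non-integer values on an integer parameter, whichever keywords the WAF did or did not match. The script below is an added example, not code from the original post; the log entries, the paths and the parameter name `id` are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Assumption: parameters known to carry only integers in this application.
INT_PARAMS = {"id"}

# Triage labels for the probe stages recorded in the post.
STAGES = [
    ("quote_error_probe", re.compile(r"['\"]")),
    ("arithmetic_probe", re.compile(r"^[0-9]+\s*-\s*[0-9]+$")),
    ("xor_boolean_probe", re.compile(r"\bxor\s+[01]\b", re.I)),
    ("order_by_enumeration", re.compile(r"\border\s+by\s+[0-9]+", re.I)),
]

# Constructed (client, request target) pairs standing in for access-log lines.
SAMPLE_LOG = [
    ("10.0.0.5", "/news.php?id=3"),
    ("10.0.0.5", "/news.php?id=3%27"),
    ("10.0.0.5", "/news.php?id=3-0"),
    ("10.0.0.5", "/news.php?id=3-1"),
    ("10.0.0.5", "/news.php?id=3%20xor%201"),
    ("10.0.0.5", "/news.php?id=3%20xor%200"),
    ("10.0.0.5", "/news.php?id=3%20order%20by%2015"),
    ("10.0.0.5", "/news.php?id=3%20order%20by%2016"),
    ("10.0.0.7", "/news.php?id=abc"),
    ("10.0.0.9", "/list.php?sort=order-by-date"),
]

def classify(value):
    """Return [] for a clean integer, else stage labels (or a generic one)."""
    if re.fullmatch(r"[0-9]+", value):
        return []
    labels = [name for name, rx in STAGES if rx.search(value)]
    return labels or ["non_integer"]

def scan(entries, threshold=3):
    """Group anomalies per (client, path, param); keep groups >= threshold."""
    hits = defaultdict(list)
    for client, target in entries:
        url = urlsplit(target)
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name in INT_PARAMS:
                hits[(client, url.path, name)].extend(classify(value))
    return {key: labels for key, labels in hits.items() if len(labels) >= threshold}

if __name__ == "__main__":
    for key, labels in scan(SAMPLE_LOG).items():
        print(key, labels)
```

The stage labels are only for triage; the alert itself rests on the type check, so a value that matches none of the patterns is still counted as `non_integer`.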

Summary
1. Principles are important.
2. Imagination is important.
3. Technique is important.
4. After finishing this, I went on to try AF. As soon as keywords or special symbols are filtered, I had no ideas at all... Keep at it!
