はまやんはまやんはまやん

hamayanhamayan's blog

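List of articles for the 1 day starting 2020-08-11

Lord of SQLInjection: Writeup Summary

Lord of SQLInjection: a site for learning SQL injection. There are also plenty of writeups if you count the ones in Hangul, so studying SQLi goes smoothly. Title / Category (hidden in white text) / Writeup: gremlin / Basic injection against a condition / gremlin [LORD OF SQLINJECTION] - はまやんはまやんはまやん…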

dark_eyes [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/col|if|case|when|sleep|benchmark/i', $_GET[pw])) exit("HeHe"); $query = "selec…

iron_golem [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/sleep|benchmark/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_ir…

dragon [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_dragon where id='guest'# and pw='{$_GET[pw]}'"; echo "<hr>query : <strong>{$…

xavis [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/regex|like/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_xavis w…

nightmare [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)|#|-/i', $_GET[pw])) exit("No Hack ~_~"); if(strlen($_GET[pw])>6) exit("No Hack ~_~"); $query = "select id from prob_nightmare where…

zombie_assassin [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); $_GET['id'] = strrev(addslashes($_GET['id'])); $_GET['pw'] = strrev(addslashes($_GET['pw'])); if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); …

succubus [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/\'/',$_GET…

assassin [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_assassin where pw like '{$_GET[pw]}'"; echo "<hr>query : <strong>{$query}</strong><hr><br>"; $result = @m…

giant [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(strlen($_GET[shit])>1) exit("No Hack ~_~"); if(preg_match('/ |\n|\r|\t/i', $_GET[shit])) exit("HeHe"); $query = "select 1234 from{$_GET[shit]}prob_giant where …

bugbear [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~"); if(preg_match('/\'/i', $_GET[pw])) exit("HeHe"); if(preg_match('/\'|substr|ascii|=|or|and| |li…

darkknight [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[no])) exit("No Hack ~_~"); if(preg_match('/\'/i', $_GET[pw])) exit("HeHe"); if(preg_match('/\'|substr|ascii|=/i', $_GET[n…

golen [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and|substr\(|=/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_…

skeleton [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); $query = "select id from prob_skeleton where id='guest' and pw='{$_GET[pw]}' and 1=0"; echo "<hr>q…

vampire [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[id])) exit("No Hack ~_~"); $_GET[id] = strtolower($_GET[id]); $_GET[id] = str_replace("admin","",$_GET[id]); $query = "select id from…

troll [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/\'/i', $_GET[id])) exit("No Hack ~_~"); if(preg_match("/admin/", $_GET[id])) exit("HeHe"); $query = "select id from prob_troll where id='{$_GET[id…

orge [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_orge where …

darkelf [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/or|and/i', $_GET[pw])) exit("HeHe"); $query = "select id from prob_darkelf whe…

wolfman [LORD OF SQLINJECTION]

Lord of SQLInjection include "./config.php"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~"); if(preg_match('/ /i', $_GET[pw])) exit("No whitespace ~_~"); $query = "select id from prob_wol…

orc [LORD OF SQLINJECTION]

Lord of SQLInjection query : <strong>{$query}</strong><hr><br>"; $result = @mysqli_fet…

goblin [LORD OF SQLINJECTION]

Lord of SQLInjection …

cobolt [LORD OF SQLINJECTION]

Lord of SQLInjection

gremlin [LORD OF SQLINJECTION]

Lord of SQLInjection