[netding Cup 2018]Fakebook - SSRF / deserialization vulnerability / SQL injection

Solution I Solution II Solution III Test site • directory scanning • SSRF • SQL injection • PHP deserialization When we get the website, we first need to collect information about the website to expand the probability of vulnerability discovery, such as whois, fingerprint identification, scanning the directory of ...

Posted by IndianaRogers on Wed, 29 Sep 2021 15:46:51 -0700

Sqli labs customs clearance (less41~less50)

catalogue Less41 Less42 Less43 Less44 Less45 Less46 Less47 Less48 Less49 Less50 Less41 This level is similar to Less40. First find the closure through Boolean blind injection, and then stack and inject recklessly. Find closure: http://192.168.101.16/sqli-labs-master/Less-41/?id=1   There are query results http://192.168.10 ...

Posted by jaikar on Thu, 16 Sep 2021 13:44:57 -0700