Break through the limit of input box length during SQL injection attacks

In actual tests, we often encounter such a situation that the server's asp script does not limit user input, however, by setting the maxlength attribute on the input box on the webpage, many of our attacks are not allowed. some people may want to test the webpage locally and submit it locally. However, the problem is that some websites can simply compare the values of HTTP_REFERER and SERVER_NAME to prevent it.
A lot of people can't do it. There is a simpler way to change HTTP_REFERER by writing a SOCKET program.

------------ Len. reg -----------------
Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USERSoftwareMicrosoftInternet assumermenuext extension (& E)]
@ = "C: \ Documents ents and Settings \ Administrator \ Desktop \ len.htm"
"Contexts" = dword: 00000004

 

----------- End ----------------------

-----------Len.htm ------------------

---------- End -----------------------

Usage: Import len. reg to the Registry first (note the file path)
Then copy len.htm to the location specified in the registry.
Open the webpage, place the cursor on the input box to change the length, right-click it, and you will see an additional option called extension.
Click OK!

 

Note: The same script can be used to restrict input content.