Network security database penetration of secondary vocational group in 2022

First, let's take a general look at the topic ：

The first topic ：

To find the web Infiltration interface of ：

Let's not hurry , First use nmap Scan it. ：

Found to have 80 port , Now let's visit the website ：

Find this interface , If you do more, you will know , The appearance of this interface indicates that the background directory is hidden , We got a dictionary here ：

Using this dictionary, we can explode its background directory ：

You can see that there are two directories ：

Through the interview, we found that index2.php Is a suspicious Directory ：

Submit successfully .

Let's take a look at the second topic ：

Ask to view the name of the database , Most people now think definitely using sqlmap For a meal output , But now if you use sqlmap Will collapse . So now we must try to inject manually . Therefore, the secondary vocational group must also learn about manual injection .

Through judgment, it is found that it is an injection of a string .

Next, we determine how many fields there are ：

It is found that an error is reported , Description there are three fields , Now we can look at the topic ：

The title requires the name of the database ：

Let's first look at which field can be used ：

Find out 1 and 2 Both can be used. ：

So let's start injecting ：

The database is successfully injected ：

Submit successfully .

Now let's look at the third question ：

The number of fields required to enter and exit the database ：

We've just injected it , So we submit directly ：

Submit successfully .

Look at question 4 ：

Ask for the table name of the user ：

The table name is successfully injected , The name of the table where the user exists is users：

Submit successfully .

Let's move on to the next topic

：

5. Via local PC Penetration test platform in KALI2020 Test the target SQL Injection attack , Get the database information of the target , Will be used to store WEB Landing user admin The user's ciphertext password is used as FLAG Submit .

requirement admin Of md5 password ：

We are operating on the basis of the table name ：

Inject fields based on the table ：

Admin The password of the ciphertext will come out ：

Let's move on to the next topic ：

Ask for the version number of the data ：

We then inject ：

The version number has also been successfully injected ：

This topic needs environment. You can confide in me .