Brute Force
Low: tried a SQL injection bypass (succeeded)
![](https://www.icode9.com/i/ll/?i=2ebda1b1aab04a67a72a97f048cfccd8.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Medium: the SQL bypass fails
![](https://www.icode9.com/i/ll/?i=6228c52ec6be4369bb0cc06cdd8d3249.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Reason: the input is escaped with mysqli_real_escape_string:
![](https://www.icode9.com/i/ll/?i=2cd52569963742f5883d5db4efce9412.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Brute-forcing with Burp Suite:
Enter any username and password:
![](https://www.icode9.com/i/ll/?i=33bc6bcd12a94e1caf3d2dfb2be672b7.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Capture the request:
![](https://www.icode9.com/i/ll/?i=d44189e4071d44bd836a9d6c0620cf10.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Send it to Intruder:
![](https://www.icode9.com/i/ll/?i=de51297b81984729966ccaa93b9d78b5.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Set the variables (payload positions):
![](https://www.icode9.com/i/ll/?i=5fb84e45eace4c7daad52d237e751da7.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Select the attack mode:
![](https://www.icode9.com/i/ll/?i=c931b1d005ca4e4a9ef0798d5ba70b3b.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Enter a few usernames (a dictionary can also be imported):
![](https://www.icode9.com/i/ll/?i=abf873005ab94f048b71b60dc386e79e.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Enter a few passwords:
![](https://www.icode9.com/i/ll/?i=79095880c7604a4892bd0bf9738aa23b.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Brute force succeeded:
![](https://www.icode9.com/i/ll/?i=1842b9c034064911ab1bc5c3d9cd823b.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Login succeeded:
![](https://www.icode9.com/i/ll/?i=59560638e3cc40f3be6aae584448a99a.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
High: there is an additional token:
![](https://www.icode9.com/i/ll/?i=fc2c6cb5e5f3447180d7d9b0eaa685d2.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_17,color_FFFFFF,t_70,g_se,x_16)
Brute force succeeded:
![](https://www.icode9.com/i/ll/?i=5691c1d918cb419486c20e02ee1f4bbd.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
Impossible: the number of attempts is limited
![](https://www.icode9.com/i/ll/?i=0afd2f2ffb544232ac0945741a43bb73.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAQUnlronlhajlsI_nmb0=,size_20,color_FFFFFF,t_70,g_se,x_16)
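The attempt limiting that stops the attack at the Impossible level can be sketched as follows. This is an added example in Python, not DVWA's own PHP code; the `LoginGuard` helper, the threshold of 3 failures and the 15-minute lockout are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Assumed policy values; the page only says attempts are limited.
MAX_FAILURES = 3
LOCKOUT_SECONDS = 15 * 60


def hash_password(password, salt):
    """Slow salted hash so stored credentials are not plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginGuard:
    """Per-account failure counter with a time-based lockout (hypothetical helper)."""

    def __init__(self, users, clock):
        self.users = users    # username -> (salt, password hash)
        self.clock = clock    # callable returning seconds, injectable for tests
        self.failures = {}    # username -> (failed count, time of last failure)

    def login(self, username, password):
        now = self.clock()
        count, last = self.failures.get(username, (0, 0.0))
        if count >= MAX_FAILURES and now - last >= LOCKOUT_SECONDS:
            count = 0  # lockout window has elapsed, start counting again
        # Hash even for unknown users so both paths do similar work.
        salt, stored = self.users.get(username, (b"\x00" * 16, b""))
        ok = hmac.compare_digest(hash_password(password, salt), stored)
        if ok and count < MAX_FAILURES:
            self.failures.pop(username, None)
            return True
        # Wrong password, or a guess made while locked: a correct guess during
        # lockout is rejected too, and it restarts the lockout timer.
        self.failures[username] = (count + 1, now)
        return False


if __name__ == "__main__":
    t = [0.0]  # constructed fake clock
    salt = b"constructed-salt"
    guard = LoginGuard({"admin": (salt, hash_password("password", salt))}, lambda: t[0])
    for guess in ("123456", "letmein", "qwerty", "password"):  # constructed guesses
        print(guess, guard.login("admin", guess))
    t[0] += LOCKOUT_SECONDS + 1
    print("after lockout:", guard.login("admin", "password"))
```

Because the correct password is also rejected while the account is locked, an automated run cannot tell a hit from a miss once the threshold is reached. The trade-off is that anyone can lock a known account by failing on purpose, so lockout is usually paired with per-source rate limiting and alerting.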
Source: https://blog.csdn.net/m0_58213960/article/details/122825542