Comments (2)
你小子挺厉害啊,靶场里面找漏洞。
你就当是靶场里面的一个“用来练习的漏洞”吧。(不过实际环境中,这种情况确实是有问题的)
from pikachu.
其实我是试着练审计的,里面一些知识我还不熟,比如sql注入一点不熟悉。还有一个问题是今天看出来的,sqli_iu/sqli_mem.php里面把用户信息拿出来时可以进行xss攻击,注册时只对sql进行escape,输出时没有escape
from pikachu.
Related Issues (20)
- 若使用非3306端口的mysql服务,将无法正确判断数据库是否已经初始化 HOT 2
- Index.php空白? HOT 1
- Docker 创建靶场无回显 HOT 2
- 用 docker 时 pkxss 无法直接使用
- mac系统 php 8.1.6 需要使用PDO连接数据库 HOT 1
- pikachu数据库连接失败
- 数据库连接失败 HOT 4
- xss_dom_x.php+号被解码成空格 导致加号无法使用 HOT 1
- 数据库连也连不上 空白又一大堆 HOT 2
- 数据库莫名奇妙返回空值 HOT 1
- docker版本的靶场的/pkxss/xfish/fish.php文件的header(Location: …),需手动将多余的换行删除,否则无法跳转。 HOT 1
- Docker安装的需要分别手动初始化两个数据库 HOT 5
- 大佬求助,数据库连接失败 HOT 1
- bug: 非默认3306端口数据库连接失败 HOT 1
- 求助数据库连接失败 HOT 1
- 数据库初始化失败(不弹出初始化选项) HOT 2
- 使用wampserver测试选定的版本参考 HOT 1
- 这是一个求助帖~
- 长期大量收WebShell,高价寻渗透大佬合作,有意者联系Telegram:@xxx9964
- 目前在centos7上,无法创建docker镜像了吗?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pikachu.