2025ciscn复盘
2025-12-31
AI-WAF
这道题不难,由于我有段时间没有看sql了,当时做题的时候先跑了一下fuzz,发现过滤了很多很多东西,注入不了,由于环境开不了,当时也想到了可能是mysql的新特性,但是没有继续研究,可惜了。
总结一下被过滤的东西,它不区分大小写,select,sleep,having,or,as,and,end.case,union,group,concat,order,where等等。
TABLE statement
找了个数据库试了一下
mysql> select * from movies;
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
| id | title | date | star | img | wish | created_at |
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
| 31 | 咱们结婚吧 | 2025-11-11 | 高圆圆,姜武,李晨 | https://p0.pipi.cn/mmdb/d2dad592b12f2a7e12f0ee28e025fa1e196be.webp?imageMogr2/thumbnail/2500x2500%3E | 53763 | 2025-11-09 16:25:54 |
| 32 | 一只绣花鞋 | 2025-11-11 | 刘超,陶德燕,王迎奇 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c5beea409c3160dda0672055f58c06.jpg?imageMogr2/quality/80 | 21886 | 2025-11-09 16:25:54 |
| 33 | 洛桑的家事 | 2025-11-11 | 金巴,加华草,扎西 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3349a3d605119bf01e862d9f89854d430d.jpg?imageMogr2/quality/80 | 1803 | 2025-11-09 16:25:54 |
| 34 | 鬼灭之刃:无限城篇 第一章 猗窝座再袭 | 2025-11-14 | 花江夏树,鬼头明里,下野纮 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c4ea4a13cbcea40a9c28f600953fb0.jpg?imageMogr2/quality/80 | 682243 | 2025-11-09 16:25:54 |
| 35 | 惊天魔盗团3 | 2025-11-14 | 杰西·艾森伯格,伍迪·哈里森,戴夫·弗兰科 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3346ec8b5c28014ea40fa03778d33581ed.jpeg?imageMogr2/quality/80 | 313487 | 2025-11-09 16:25:54 |
| 36 | 寻砖 | 2025-11-14 | 张亮,鄂靖文,刘俊孝 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3346e7f0c8b72a99a13cc1bd1e4fb34de7.jpg?imageMogr2/quality/80 | 348 | 2025-11-09 16:25:54 |
| 37 | 三滴血 | 2025-11-15 | 胡歌,文淇,高子淇 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c5be14d01e84ea98a1029117b73f44.jpg?imageMogr2/quality/80 | 18726 | 2025-11-09 16:25:54 |
| 38 | 菜肉馄饨 | 2025-11-15 | 周野芒,潘虹,茅善玉 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345cbf877e3f6701e8dd4bb320ef8ce12.jpg?imageMogr2/quality/80 | 7794 | 2025-11-09 16:25:54 |
| 39 | 红豆 | 2025-11-15 | 任达华,邓丽欣,魏浚笙 | https://p0.pipi.cn/mediaplus/bigdata_mmdb_mmdbtask/0fa3345c4ea6e3392a1faefd45763cd8794f3.jpg?imageMogr2/thumbnail/2500x2500%3E | 752 | 2025-11-09 16:25:54 |
| 40 | 次仁的夏天 | 2025-11-16 | 巴金旺甲,伍金尼玛,南措卓玛 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c25c77e78b13f67eab8b5610418fc5.jpg?imageMogr2/quality/80 | 155 | 2025-11-09 16:25:54 |
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
10 rows in set (0.00 sec)
mysql> table movies;
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
| id | title | date | star | img | wish | created_at |
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
| 31 | 咱们结婚吧 | 2025-11-11 | 高圆圆,姜武,李晨 | https://p0.pipi.cn/mmdb/d2dad592b12f2a7e12f0ee28e025fa1e196be.webp?imageMogr2/thumbnail/2500x2500%3E | 53763 | 2025-11-09 16:25:54 |
| 32 | 一只绣花鞋 | 2025-11-11 | 刘超,陶德燕,王迎奇 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c5beea409c3160dda0672055f58c06.jpg?imageMogr2/quality/80 | 21886 | 2025-11-09 16:25:54 |
| 33 | 洛桑的家事 | 2025-11-11 | 金巴,加华草,扎西 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3349a3d605119bf01e862d9f89854d430d.jpg?imageMogr2/quality/80 | 1803 | 2025-11-09 16:25:54 |
| 34 | 鬼灭之刃:无限城篇 第一章 猗窝座再袭 | 2025-11-14 | 花江夏树,鬼头明里,下野纮 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c4ea4a13cbcea40a9c28f600953fb0.jpg?imageMogr2/quality/80 | 682243 | 2025-11-09 16:25:54 |
| 35 | 惊天魔盗团3 | 2025-11-14 | 杰西·艾森伯格,伍迪·哈里森,戴夫·弗兰科 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3346ec8b5c28014ea40fa03778d33581ed.jpeg?imageMogr2/quality/80 | 313487 | 2025-11-09 16:25:54 |
| 36 | 寻砖 | 2025-11-14 | 张亮,鄂靖文,刘俊孝 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3346e7f0c8b72a99a13cc1bd1e4fb34de7.jpg?imageMogr2/quality/80 | 348 | 2025-11-09 16:25:54 |
| 37 | 三滴血 | 2025-11-15 | 胡歌,文淇,高子淇 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c5be14d01e84ea98a1029117b73f44.jpg?imageMogr2/quality/80 | 18726 | 2025-11-09 16:25:54 |
| 38 | 菜肉馄饨 | 2025-11-15 | 周野芒,潘虹,茅善玉 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345cbf877e3f6701e8dd4bb320ef8ce12.jpg?imageMogr2/quality/80 | 7794 | 2025-11-09 16:25:54 |
| 39 | 红豆 | 2025-11-15 | 任达华,邓丽欣,魏浚笙 | https://p0.pipi.cn/mediaplus/bigdata_mmdb_mmdbtask/0fa3345c4ea6e3392a1faefd45763cd8794f3.jpg?imageMogr2/thumbnail/2500x2500%3E | 752 | 2025-11-09 16:25:54 |
| 40 | 次仁的夏天 | 2025-11-16 | 巴金旺甲,伍金尼玛,南措卓玛 | https://p0.pipi.cn/mediaplus/friday_image_fe/0fa3345c25c77e78b13f67eab8b5610418fc5.jpg?imageMogr2/quality/80 | 155 | 2025-11-09 16:25:54 |
+----+-------------------------------------------------------+------------+----------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------+--------+---------------------+
10 rows in set (0.01 sec)
效果一模一样。
