A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP
sqlmap1.8 最新版uuwaf checkSQLI(v, 3)
-----------分割线---------
2;(SELECT * FROM (SELECT(SLEEP(5)))kJcs)#
-----------分割线---------
2" AND 3489=RAISE_ERROR(CHR(55)||CHR(48)||CHR(48)||CHR(48)||CHR(49),CHR(113)||CHR(118)||CHR(106)||CHR(106)||CHR(113)||(SELECT (CASE WHEN (3489=3489) THEN 1 ELSE 0 END) FROM SYSIBM.SYSDUMMY1)||CHR(113)||CHR(113)||CHR(112)||CHR(118)||CHR(113)) AND "HyGT" LIKE "HyGT
-----------分割线---------
-8255)) OR CASE WHEN 7703=5079 THEN 7703 ELSE JSON(CHAR(104,83,112,112)) END AND ((4702=4702
-----------分割线---------
应当在AST语义引擎中,禁用SQL的json、RAISE_ERROR、SLEEP函数,如出现多个chr函数也应当拦截
Safe3
commented
1 month ago
sqlmap1.8 最新版uuwaf checkSQLI(v, 3) -----------分割线---------
2;(SELECT * FROM (SELECT(SLEEP(5)))kJcs)#-----------分割线---------2" AND 3489=RAISE_ERROR(CHR(55)||CHR(48)||CHR(48)||CHR(48)||CHR(49),CHR(113)||CHR(118)||CHR(106)||CHR(106)||CHR(113)||(SELECT (CASE WHEN (3489=3489) THEN 1 ELSE 0 END) FROM SYSIBM.SYSDUMMY1)||CHR(113)||CHR(113)||CHR(112)||CHR(118)||CHR(113)) AND "HyGT" LIKE "HyGT-----------分割线----------8255)) OR CASE WHEN 7703=5079 THEN 7703 ELSE JSON(CHAR(104,83,112,112)) END AND ((4702=4702-----------分割线--------- 应当在AST语义引擎中,禁用SQL的json、RAISE_ERROR、SLEEP函数,如出现多个chr函数也应当拦截