{"type":"rich","url":"https://blog.hamayanhamayan.com/entry/2020/08/11/144619","author_name":"hamayanhamayan","author_url":"https://blog.hatena.ne.jp/hamayanhamayan/","categories":["Security"],"title":"nightmare [LORD OF SQLINJECTION]","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fblog.hamayanhamayan.com%2Fentry%2F2020%2F08%2F11%2F144619\" title=\"nightmare [LORD OF SQLINJECTION] - \u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","image_url":null,"blog_url":"https://blog.hamayanhamayan.com/","blog_title":"\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093","height":"190","published":"2020-08-11 14:46:19","version":"1.0","width":"100%","provider_url":"https://hatena.blog","description":"Lord of SQLInjection include \"./config.php\"; login_chk(); $db = dbconnect(); if(preg_match('/prob|_|\\.|\\(\\)|#|-/i', $_GET[pw])) exit(\"No Hack ~_~\"); if(strlen($_GET[pw])>6) exit(\"No Hack ~_~\"); $query = \"select id from prob_nightmare where pw=('{$_GET[pw]}') and id!='admin'\"; echo \"<hr>query : <stro\u2026","provider_name":"Hatena Blog"}