【每天进步一点点】sql注入-sql的增删改.sql查询

rename table employee to user

drop database employees

create database employees

alter table user character set utf8

alter table user add salary decimal(8,2)

update user set salary=5000

update user set name='tt' where id=1

alter table user drop salary//删除列

delete from user where job='IT'//删除行

delete from user

查询语句：

基本查询语句：select from where

查询参数指令:union group by order by limit and or

常用函数：group_contact() database() version()

select * from user

select * from user where id in('3')

select * from user where id=(select * from user where name='admin')

select * from user  where id='1' union select * from email where id='1'

(联合注入前后表格列数必须相等)

group by分组(进行列数判断）

select department，count（id）from student group by department;

select * from user where id=9 group by 2

select * from user where id=9 group by 4

order by排序（进行列数判断）

select stu_id from score where c_name='计算机' order  by  grade desc;

(desc降序)

limit 限制输出内容的数量

select * from user limit 1,3

(限制为从第一行开始显示3行)（报错注入）

and 和 or 判断它是闭合关系来判断它到底是字符型还是数字型

or可以用于post提交注入里面可能会用来作为万能密码

select * from user where id=1 and username='benben'

select * from user where id=2 or username='benben'

常用函数：

group_contact函数 多行变一行

 

 

 select database（）查询数据库名称

select version（）查询数据库版本，绕过防火墙做注入