Shiyanbar: simple SQL injection 1, simple SQL injection


Follow the blog above.

Shiyanbar simple SQL injection 1

Topic link: http://ctf5.shiyanbar.com/423/web/


Similarly, enter 1 followed by a quotation mark, and an error is returned below the result. Because of the error, I estimate that the quote has to be closed here, so this is a string-type (character) injection. At this point I don't know what this challenge filters, so let's just try things first.

Input 1' and 1=1. Normally this should return a normal result, but the result is an error.

“Chen” is filtered. So try another approach. Input 1' and '1'=

It still returned an error. What happened? Switch to or and try 1' or '1'='1

All the data appears, but and does not work, so and has probably been filtered. To check whether it is filtered, double-write it: 1' and '1'=

With and entered twice, only one and appears in the result. This confirms that and is filtered, and that the space after it is filtered as well.

OK. I will use /**/ to bypass the filtering and use union
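Why a filter like this does not protect the query, as an added example that is not part of the original post or the challenge's code: the filter model (one pass deleting a keyword plus its trailing space), the keyword list, and the users table are all assumptions, and SQLite stands in for the real database.

```python
import re
import sqlite3

# Assumed model of the filter: a single pass that deletes each keyword and the
# space after it. The challenge's real filter list is not shown in the post.
BLOCKED = ("and ", "union ", "select ")

def naive_filter(value: str) -> str:
    pattern = "|".join(re.escape(word) for word in BLOCKED)
    return re.sub(pattern, "", value, flags=re.IGNORECASE)

def make_db() -> sqlite3.Connection:
    # Constructed sample data, stands in for the challenge's table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id TEXT, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("1", "alice"), ("2", "bob"), ("3", "carol")])
    return db

def lookup_filtered(db, user_input: str) -> list:
    # Weak: the filtered value is still spliced into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    sql = "SELECT name FROM users WHERE id = '" + naive_filter(user_input) + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, user_input: str) -> list:
    # Fixed: the value is bound as a parameter and is only ever compared as data.
    cur = db.execute("SELECT name FROM users WHERE id = ?", (user_input,))
    return [row[0] for row in cur]

if __name__ == "__main__":
    db = make_db()
    probe = "1' or '1'='1"                 # input quoted in the post
    print(repr(naive_filter("andand ")))   # single pass leaves a keyword behind
    print(lookup_filtered(db, probe))      # every row comes back
    print(lookup_bound(db, probe))         # no row has that literal id
```

The bound version needs no keyword list at all, which is why parameterized queries rather than blacklist filtering are the fix for this class of bug.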



To be honest, I don't know why database() doesn't work here. Please give me some advice.

Next, dump the table names


Get the table name flag


Next, dump the field name


But no, it doesn't work


information_schema.columnsmns gets filtered on me. Double writing was used here, but I found that the double-written form is filtered too. OK, I'll write part of it in the middle


The result is still an error. Maybe the column name is filtered as well, so double-write the column name here too


The field name flag appears here.

Next, go directly to 1'/**/union/**/select/**/flag/**/from/**/flag/**/where/**/'1'=


Get flag


In the second challenge, the first two statements get the database name and the table name in the same way, but the third statement, which dumps the field name, does not need double writing



You also get the table name and the field name. They are again flag and flag




You can get the answer

I don't know how to do simple SQL injection 3 yet. I haven't learned fuzzing yet. This will be updated in two days. I will definitely learn it.