sqli-Labs————less-38

Less-38

源代码：

Welcome    Dhakkan 



';	
            printf("Your Username is : %s", $row[1]);
            echo "
";
            printf("Your Password is : %s", $row[2]);
            echo "
";
            echo "";
        }
//            mysqli_free_result($result);
    }
        /* print divider */
    if (mysqli_more_results($con1))
    {
            //printf("-----------------\n");
    }
     //while (mysqli_next_result($con1));
}
else 
    {
	echo '';
	print_r(mysqli_error($con1));
	echo "";  
    }
/* close connection */
mysqli_close($con1);
}
	else { echo "Please input the ID as parameter with numeric value";}

?>
 

根据以上的SQL语句，可以直接构造payload如下：

明注：

盲注：

http://192.168.11.136/sqli-labs/Less-38?id=-1%df'||1--+

同时，我们也可以使用堆叠注入来实现：