Lord Of SQL Injection [ 10.Skeleton ]

2017. 9. 12. 14:55WebHacking/Lord of SQL injection

 

 

 

and 1=0 : 항상 거짓이기 때문에 SQL쿼리문을 실행시킬 수 없다

URL: https://los.eagle-jump.org/skeleton_8d9cbfe1efbd44cfbbdc63fa605e5f1b.php?pw=9999' or id='admin' %23

=> SELECT id FROM prob_skeleton WHERE id='guest' and pw='9999' or id='admin' #' and 1=0