sqlmap wiki学习

Techniques

  • Boolean-based blind

通过判断返回true或者false来猜测数据库名、表名等;

参考链接:[Detailed] Boolean Based Blind Injection [Tutorial]

  • Stacked queries

参考链接:http://www.sqlinjection.net/stacked-queries/