Struggling with SQL Injection Exploitation: Unexpected Character Error in Hibernate
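While practicing SQL injection, a user ran into the error `org.hibernate.QueryException: unexpected char: '#'`, suspects the backend database is MySQL or PostgreSQL, and asks for methods and advice for exploring the vulnerability further. 2025-6-13 13:33:3 Author: www.reddit.com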


I was practicing SQL injection on pretty much everything I could find. I created virtual environments like Damn Vulnerable Web App to train. In one of the challenges, I encountered this error: `org.hibernate.QueryException: unexpected char: '#' [SELECT u FROM esira.domain.Utilizadorgeral u WHERE u.utilizador = ' ' OR 1=1#']`

Since this morning, I’ve been trying to figure out what the site is trying to tell me. I’ve tried using other types of comments, but it either throws similar errors or just returns "password failed" without any other feedback.

How can I explore this vulnerability further? Can anyone give me a tip? Also, does this seem to be MySQL or PostgreSQL?


Source: https://www.reddit.com/r/HowToHack/comments/1lag1ia/struggling_with_sql_injection_exploitation/