Hello friends today i am going to start a thread which teaches you about some useful syntax, functions, and queries for MySQL which can MySQL injection attack on websites over a period of time part by part. Here are some in part 1 as follow:
Users:
SELECT USER()
SELECT SYSTEM_USER()
SELECT SESSION_USER()
SELECT CURRENT_USER()
Version:
SELECT VERSION()
SELECT @@version
SELECT @@version_comment
SELECT @@version_compile_machine
SELECT @@version_compile_os
Directories:
SELECT @@basedir
SELECT @@tmpdir
SELECT @@datadir
Current Database:
SELECT DATABASE()
Concatenation:
SELECT CONCAT('foo','.','bar'); #Returns: foo.bar
SELECT CONCAT_WS(' ','Hello','MySQL','and','hello','world!'); #Returns: Hello MySQL and hello world!
Multi-Concat:
#Stacks the row "foo" from the table "bar" together, using the separator "
".
#Note: This operation can by default only grab 1024 bytes, and do not allow LIMIT.
#The 1024 byte limit is stored in the @@group_concat_max_len variable.
SELECT GROUP_CONCAT(foo SEPARATOR '
') FROM bar
Thanks For Visiting Indicyborg
1 comments:
Its My Job..
And Keep Visting :-
IndiCyborg
Post a Comment