0
Here is a tutorial on String Based SQL Injection. This must certainly help many of you guys Awink
What is String Based SQL injection
String Based SQL Injection is used when the target website does not display the result when we enter a query.
Here are some Common Issues and cases when you have to use String Based SQL Injection :
Code:
Order By does not work Example : Order by 10000 does not show error/
Group By statement does not work.
Queries related to SQL injection doesnt work.
The Solution
So the solution for solving when you are having problem is ,just modify your syntax a bit.
So we add a at the end of the link and we add a + at the end of the -- .
String - Union Based SQL Injection
Obtaining Columns
Obtaining the Databases
Obtaining the Tables from the current Database
.Obtaining Column names from a specific table (which in this example is "admin")
Obtaining Data from Column names
credits: Rain112/CHF
What is String Based SQL injection
String Based SQL Injection is used when the target website does not display the result when we enter a query.
Here are some Common Issues and cases when you have to use String Based SQL Injection :
Code:
Order By does not work Example : Order by 10000 does not show error/
Group By statement does not work.
Queries related to SQL injection doesnt work.
The Solution
So the solution for solving when you are having problem is ,just modify your syntax a bit.
So we add a at the end of the link and we add a + at the end of the -- .
String - Union Based SQL Injection
Obtaining Columns
Obtaining the Databases
Obtaining the Tables from the current Database
.Obtaining Column names from a specific table (which in this example is "admin")
Obtaining Data from Column names
credits: Rain112/CHF
