Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
custom WAF bypass
Posted by: deh1dra
Date: August 14, 2012 10:52AM

So basically the website has got WAF. I cannot put UNION in query but I can put SELECT ALL. Mixed chars doesn't help either. I tried error based and blind SQLi but I cannot dump anything because the WAF also blocks CONCAT.
Any suggestions?

Re: custom WAF bypass
Posted by: ripper
Date: August 14, 2012 11:35AM

First, can u PM me the site?
Second, if it is blocking concat()
then you could try
concat/**/() or /*!Concat*/() or concat+() or concat_ws(separator,whatyouwant)... Am not sure if all those work but you might as well PM me the site which I might be able to bypass its WAF.. Cheers.

Skype:ripperhf1
twitter:@RIPPER38

You cannot fathom the immensity of the f*** I do not give,

Re: custom WAF bypass
Posted by: deh1dra
Date: August 15, 2012 10:25AM

WAF detects every possible concat as a single word, so no /*!concat*/ or concat_ws.
I need to find some SQLi that I can exploit without concat or UNION.

Re: custom WAF bypass
Posted by: cr101
Date: August 15, 2012 10:38AM

No chance the server supports multiple queries, I assume?

Re: custom WAF bypass
Posted by: ripper
Date: August 15, 2012 01:47PM

I think if you gave me the site I might be able to help u.. :D

Re: custom WAF bypass
Posted by: deh1dra
Date: August 16, 2012 07:41AM

cr101 Wrote:
-------------------------------------------------------
> No chance the server supports multiple queries, I
> assume?

How can I check that? Did you mean SQLi with double query?

Re: custom WAF bypass
Posted by: cr101
Date: August 16, 2012 08:31AM

Well I assume that the query being passed to the database is something along the lines of

SELECT column FROM table WHERE value= '$YOURINPUT';

What happens if you try to make $YOURINPUT something like
x'; SELECT * FROM INFORMATION_SCHEMA.tables;--

So that the final query is:

SELECT column FROM table WHERE value= 'x'; SELECT * FROM INFORMATION_SCHEMA.tables;--';

It's pretty rare to find databases that support this, though.

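Added example, not part of any post in this thread: the query pattern cr101 assumes, built by string concatenation, beside the parameter-bound form that keeps input out of the SQL text regardless of what a keyword filter lets through. It uses Python's sqlite3 with an in-memory database as a stand-in (the site's real database and schema are unknown); the `items` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

# The input string quoted in cr101's post above.
STACKED = "x'; SELECT * FROM INFORMATION_SCHEMA.tables;--"


def make_db():
    """Constructed sample data; table and column names are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (name TEXT, value TEXT)")
    db.executemany(
        "INSERT INTO items VALUES (?, ?)",
        [("widget", "x"), ("surname", "O'Brien")],
    )
    return db


def lookup_concatenated(db, user_input):
    """The assumed pattern: user input pasted straight into the SQL text."""
    sql = "SELECT name FROM items WHERE value = '" + user_input + "';"
    try:
        return [row[0] for row in db.execute(sql)]
    except (sqlite3.Warning, sqlite3.Error) as exc:
        # The input altered the statement's structure and the driver refused it.
        return "rejected: " + type(exc).__name__


def lookup_parameterized(db, user_input):
    """The fix: input is bound as a value and is never parsed as SQL."""
    cur = db.execute("SELECT name FROM items WHERE value = ?", (user_input,))
    return [row[0] for row in cur]


if __name__ == "__main__":
    db = make_db()
    for value in ("x", "O'Brien", STACKED):
        print(repr(value))
        print("  concatenated: ", lookup_concatenated(db, value))
        print("  parameterized:", lookup_parameterized(db, value))
```

Python's `sqlite3` `execute()` accepts only one statement per call, so the stacked input is refused outright in the concatenated version, while in the bound version it is just a string that matches no rows. The legitimate value `O'Brien` breaks the concatenated query but works when bound, which is the defect a keyword-blocking WAF leaves in place.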
Re: custom WAF bypass
Posted by: firestorm
Date: September 17, 2012 07:06PM

I may help if you can give the link.. or PM it.
