SQL injection attack, listing the database contents on non-Oracle databases
https://portswigger.net/web-security/sql-injection/examining-the-database/lab-listing-database-contents-non-oracle
Level: Practitioner
Same as the other challenges, nothing new, just we need to get some DB's info.
As always enumerate the columns
In this example I'm using NULL spaces to get the number of columns.
Use the public database and get their respective names.
PreviousSQL injection attack, querying the database type and version on MySQL and MicrosoftNextSQL injection attack, listing the database contents on Oracle
Last updated