Hackzzz - The Notebook

SQL injection attack, listing the database contents on non-Oracle databases

https://portswigger.net/web-security/sql-injection/examining-the-database/lab-listing-database-contents-non-oracle

Level: Practitioner

Same as the other challenges, nothing new, just we need to get some DB's info.
As always enumerate the columns
In this example I'm using NULL spaces to get the number of columns.

Use the public database and get their respective names.

PreviousSQL injection attack, querying the database type and version on MySQL and Microsoft NextSQL injection attack, listing the database contents on Oracle

Last updated 1 year ago