Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
akyl-kb2016-07-31 09:30:43
PHP
akyl-kb, 2016-07-31 09:30:43

How to inject through UNION SELECT?

url: http://mysite.ru/news.php?id=-1 UNION SELECT 1,2,3,4
->
php: $query = "SELECT * FROM news WHERE id=". $_GET['id'];
->
sql: SELECT * FROM news WHERE id=-1 UNION SELECT 1,2,3,4

Tried:
LOAD_FILE()
SELECT INTO OUTFILE
SELECT INTO DUMPFILE
Doesn't work, there are limitations
Is it possible somehow to inject through select update, delete, etc?
DB: MariaDB 10.1

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
X
xmoonlight, 2016-07-31
@xmoonlight

stackoverflow.com/questions/5759603/mysql-injectio...

Report
N
none7, 2016-07-31
@none7

Neither UPDATE nor DELETE can be done through SELECT ... UNION. And since access to files is denied, the only thing you can do is to pull out all the data available to you from the database. Through nested queries.

Similar questions
H
hbrmdc2015-08-14 12:35:27
Why don't all npm packages work after import? 2Reply
V
VettyAllen2015-08-21 11:15:11
Why can't I see anything in OKAH when I start the application? 2Reply
D
dante_sa2017-08-04 01:55:34
I want to Find a Vkontakte page, I only know the phone number and name, how to solve this problem? 4Reply
D
dollar2020-01-16 18:18:52
Where do the numbers at the end of the filename come from? 3Reply
D
dotruger372020-01-20 12:12:29
How to write a recursive function in PostgreSQL? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question