4
777
inurl index php db information schema as bxct where 9849 9849 procedure analyse extractvalue 7257,concat 0x5c, benchmark 5000000,md5 0x514e774b ,1 #
using PROCEDURE ANALYSE (EXTRACTVALUE) on Url? [support]...
github.com
MySQL XML Функции
kodesource.top
XPATH Error Based Injection Extractvalue
securityidiots.com
mariadb - SQL-injection, unable to get it to work! - Information Security...
Example: {"limit":"1 procedure analyse(extractvalue(rand(),concat(0x3a,(SELECT concat(0x3a,schema_name) FROM information_schema.schemata LIMIT 0,1))),1)-- 1"}.
The information does not usually directly identify you, but it can give you a more personalized experience.
security.stackexchange.com
MySQL DoS in the Procedure Analyse Function – CVE-2015-4870
osandamalith.com
Статья - SQL-injection, Error Based - XPATH - Codeby.net
Выведем названия таблиц: 1' and updatexml(null,concat(0x7B,(select table_name from information_schema.tables where table_schema='my_db' limit 0,1),0x7D),null)
2. Установить параметр display_errors = on в /etc/php/8.1/apache2/php.ini.
codeby.net
ASCII таблица / Программирование / stD
istarik.ru
SQL Injection | HackTricks | HackTricks
book.hacktricks.xyz
Библиотека Pandas: самоучитель для начинающих
proglib.io
Metal+gear+solid+2+PROCEDURE+ANALYSE(EXTRACTVALUE...
www.lonebullet.com
Моя большая практическая шпаргалка SQL (SQLite)... / Хабр
habr.com
Онлайн сервис по расшифровке хеш-кодов (SHA1, 32 bit...
vk.com
HTB: Proper | 0xdf hacks stuff
0xdf.gitlab.io
MariaDB 5.5.65 sql injection - Stack Overflow
stackoverflow.com
drive.google.com
drive.google.com