 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
SQLi dump problem |
 |
 Posted: Mon Jan 12, 2009 3:13 pm |
 |
|
| 10_Sec_Hero |
| Advanced user |
 |
|
| Joined: Oct 22, 2008 |
| Posts: 52 |
|
|
|
 |
|
 |
|
Ok so here is an url example: | Code: | | http://www.host.com/scipt.php?id=2572 AND 1=0 UNION SELECT ALL 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 from table_name-- |
version: 5.0.51a-community
let's say column 2 is vulnerable and I want to dump all data in it (about 120,000) rows and I want it all at once. What function should I use? I tried group_concat(), that dumps like 15 rows and concat() which only dumps 1 row. Usually the concat() function works fine in dumping all the data.
Thanks  |
|
_________________
Sky Is The Limit !! |
|
|
|
| Posted: Mon Jan 12, 2009 3:28 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| You can issue multiple request with LIMIT x,y. |
|
|
|
|
| Posted: Mon Jan 12, 2009 3:43 pm |
|
|
| 10_Sec_Hero |
| Advanced user |
|
|
| Joined: Oct 22, 2008 |
| Posts: 52 |
|
|
|
|
|
|
|
By doing the limit function I only get 1 row each time and I want all 120,000 rows in one go or a couple of goes, certanly not 120,000  |
|
_________________
Sky Is The Limit !! |
|
|
|
| Posted: Mon Jan 12, 2009 4:25 pm |
|
|
| Chb |
| Valuable expert |
 |
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
| What about a little script fetching and saving 120.000 rows? |
|
|
|
|
| Posted: Mon Jan 12, 2009 4:39 pm |
|
|
| 10_Sec_Hero |
| Advanced user |
|
|
| Joined: Oct 22, 2008 |
| Posts: 52 |
|
|
|
|
|
|
|
I have no experience with scripts, no idea how to create them or execute them, only URL based injection  |
|
_________________
Sky Is The Limit !! |
|
|
|
| Posted: Mon Jan 12, 2009 9:31 pm |
|
|
| tehhunter |
| Valuable expert |
 |
|
| Joined: Nov 19, 2008 |
| Posts: 261 |
|
|
|
|
|
|
|
| Chb wrote: | | What about a little script fetching and saving 120.000 rows? |
That's what he might have to do but its not necessarily the best idea. Administrators might notice that there were 120,000 page views of a slightly modified injection url. Is this a big site? Seeing as you are trying to extract 120,000 hashes (I guess?) it probably is.
Before that solution though, try to use what waraxe said use group_concat() along with LIMIT 0,120000 and see if that helps. Perhaps the problem is that the max default size of dumped hashes for group_concat() is 15? |
|
|
|
|
|
|
|
|
| Posted: Tue Jan 13, 2009 5:26 am |
|
|
| 10_Sec_Hero |
| Advanced user |
|
|
| Joined: Oct 22, 2008 |
| Posts: 52 |
|
|
|
|
|
|
|
| tehhunter wrote: | | Chb wrote: | | What about a little script fetching and saving 120.000 rows? |
That's what he might have to do but its not necessarily the best idea. Administrators might notice that there were 120,000 page views of a slightly modified injection url. Is this a big site? Seeing as you are trying to extract 120,000 hashes (I guess?) it probably is.
Before that solution though, try to use what waraxe said use group_concat() along with LIMIT 0,120000 and see if that helps. Perhaps the problem is that the max default size of dumped hashes for group_concat() is 15? |
Its a Counter-Strike site with a forum with 120,000 members. group_concat along with LIMIT 0,120000 doesn't work I tried it before making this topic, and group_concat() always has a max value roughly about 1000 chars, in this case 46 rows. |
|
_________________
Sky Is The Limit !! |
|
|
|
|
|
|
|
| Posted: Tue Jan 13, 2009 8:57 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| So it appears that you can use group_concat(), but problem is elsewhere - column, you are using for data fetch, is probably declared as varchar(1024), or varchar(1000). If you can use other column with text data type, then limits are gone. Otherwise your only choice is to write script and fetch data via multiple requests with help of LIMIT. |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 101
Members: 0
Total: 101
