Hacking Challenges

Extracting Database Information from Information_Schema

August 10th, 2009 by Patchy
In Full Disclosure Episode 11, we show you how to extract information from our WordPress SQL Database. WordPress is open source, so we were able to look up information about WordPress’s Database structure. However, what do we do if the Web application is not open source? How do we know what tables and columns to extract information from? In this VBlog, I’m going to explain how to use the Information_Schema database to extract information about a website’s tables and columns. Full Scale Video Here
Download Here

Posted in Vblog | 3 Comments »

3 Responses

  1. CrashOverron Says:

    good stuff =]] there is another way of finding columns only in a certain table by using the keyword “WHERE” so you could do something like

    -1 union all select 1 from information_schema.columns where table_name=”wp_users”

    although most sites will have the magic quotes so you will have to use the char(); also the LIMIT keyword also accepts an offset value which could be done LIMIT 51,1 and just keep changing the first value until you reach desired data

  2. AlloveR Says:

    You can also use group_concat()
    to display all of the rows in one query, in most cases.

  3. AlloveR Says:

    union select group_concat(table_name,0x3a,column_name) from …

You must be logged in to leave a comment.