Ethical Hacking and Penetration Testing Guide


◾  Ethical Hacking and Penetration Testing Guide Information_schema



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə209/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   205   206   207   208   209   210   211   212   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

348
◾ 
Ethical Hacking and Penetration Testing Guide
Information_schema
The information_schema database is a read-only database that holds the information about all the 
other databases: information such as table names, column names, and privileges of every database. 
Each mysql user has privileges based upon the fact that a user can access tables that they are per-
mitted to. Since we are the root user, we will have access to the entire database.
Information_schema Tables
Lets’ talk about some of the tables present in the information_schema database:
Information_schema.schemata—This table holds the list of all the databases present on the 
mysql server.
Information_schema.tables—This table holds the table names in the databases.
Information_schema.columns—This table holds the column names in every table in every 
database.
Enumerating All Available Databases
Now that we have fingerprinted the database, the next thing to do is to enumerate all the databases 
that our 
db _ user
has access to, which in our case would be all the databases, since we have 
root privileges.
Syntax
http://localhost/index.php?support=yes’ and 1=0 UNION select 1,2,3,schema_name,5,6 from 
information_schema.schemata--±
With this query, we are extracting the information present in the 
schema _ name
col-
umn, which holds all the database names, and asking to extract from the database “informa-
tion_schema” and “table schemata.”
We have found three databases, namely, information_schema, dvwa, and mysql, which our cur-
rent user has privilege to access to. Let’s try enumerating all the tables present in the “dvwa” database.

Web Hacking
◾ 
349
Enumerating All Available Tables in the Database
Now that we have found or targeted database “dvwa,” we would extract all the tables in the cur-
rent database.
Syntax
http://localhost/index.php?support=yes’ and 1=0 UNION select 1,2,3,table_name,5,6 from infor-
mation_schema.tables where table_schema=“dvwa”--±
Table_name is a column present in information_schema.tables table that holds the informa-
tion of all the tables. So we have asked the database to return all the tables present in the infor-
mation_schema.tables table. However, we have limited our search to return tables only from the 
“dvwa” database.
This query was executed, and we have found two table names in the “dvwa” database, which 
happen to be “users” and “guestbook”.

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   205   206   207   208   209   210   211   212   ...   235



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Stomatologiya
Anesteziologiya
Cərrahlıq
Ginekologiya
Tibb

yükləyin