Home/ Questions/Q 998545
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T07:12:47+00:00

The website i worked was recently attempted to be hacked by the following SQL

  • 0

The website i worked was recently attempted to be hacked by the following SQL injection script

boys' and 3=8 union 
select 1, 
concat(0x232425,ifnull(`table_name`,0x30),char(9),ifnull(`table_rows`,0x30), char(9),0x252423),
3,4,5,6,7,8,9 

from `information_schema`.`tables` 

where table_schema=0x62646B3032 limit 44,1 -- And '8'='8

This injection returned the mysql table name. This was reported by the error reporting system on that website and we managed to fix that part however I am not able to understand what does the above injection mean?

Anyone can explain this?

Penuel

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    According to this the MySQL concat()

    Returns the string that results from
    concatenating the arguments. May have
    one or more arguments. If all
    arguments are nonbinary strings, the
    result is a nonbinary string. If the
    arguments include any binary strings,
    the result is a binary string. A
    numeric argument is converted to its
    equivalent binary string form

    So 0x232425 is converted to #$% which is simply added to the begining and end of the table_name field. Maybe just to make it easier for them to pull out the Table names later using Regex.

    Later on the char(9) is equivalent to a tab as you can see here and is just there to format the output nicer.

    The 3,4,5,6,7,8,9 is just there so that the columns match the boys table that they are performing the Union on.

    • 0