Difference between revisions of "SQL injection/Target Environments/Mapping/MS SQL"

Revision as of 02:24, 19 July 2012

back to SQL injection

An important note is that MS SQL is different when it comes to ordered single-cell selection.

Notice: We don't currently have a method of listing all of the database names in MS SQL. If you have a copy that one of the developers can use for testing to improve this article, please don't hesitate to let us know in IRC.

Listing Tables:

SELECT TABLE_NAME FROM information_schema.columns WHERE table_catalog=[database_name] GROUP BY TABLE_NAME ORDER BY TABLE_NAME ASC;

Listing Columns:

SELECT column_name FROM information_schema.columns WHERE table_catalog=[database_name] AND TABLE_NAME=[table_query] GROUP BY column_name ORDER BY column_name ASC

Difference between revisions of "SQL injection/Target Environments/Mapping/MS SQL"

Revision as of 02:24, 19 July 2012

Navigation menu

Views

Personal tools

Wiki

Community

Search

Tools

Revision as of 02:10, 19 July 2012 (view source) LashawnSeccombe (Talk \| contribs) (Created page with "<noinclude>{{subpage\|SQL injection}}</noinclude> An important note is that MS SQL is different when it comes to ordered single-cell selection. {{notice\|We don't <i>currently</i>...")	Revision as of 02:24, 19 July 2012 (view source) LashawnSeccombe (Talk \| contribs) m (moved SQL injection/Potential target environments/Navigating unfamiliar databases without the C API/MS SQL mapping to SQL injection/Target Environments/Mapping/MS SQL) Newer edit →
(No difference)