search

Examining the Database

hashtag
Database Version

Different databases provide different ways of querying their version. You often need to try out different queries to find one that works, allowing you to determine both the type and version of the database software.

The queries to determine the database version for some popular database types are as follows:

Database type
Query

Microsoft, MySQL

SELECT @@version

Oracle

SELECT * FROM v$version

PostgreSQL

SELECT version()

For example, you could use a UNION attack with the following input:

' UNION SELECT @@version--

This might return output like the following, confirming that the database is Microsoft SQL Server, and the version that is being used:

Microsoft SQL Server 2016 (SP2) (KB4052908) - 13.0.5026.0 (X64)
Mar 18 2018 09:11:49
Copyright (c) Microsoft Corporation
Standard Edition (64-bit) on Windows Server 2016 Standard 10.0 <X64> (Build 14393: ) (Hypervisor)

hashtag
information_schema

From MySQL 5.0, a default database named information_schema was added for providing database metadata, such as table names and column names. You can query information_schema.tables to list the tables in the database:

SELECT * FROM information_schema.tables;
// or
SELECT table_name FROM information_schema.tables;

Next, you can then query information_schema.columns to list the columns in individual tables:

On Oracle, you can obtain the same information with slightly different queries. You can list tables by querying all_tables:

And you can list columns by querying all_tab_columns:

hashtag
Reference

LogoExamining the database in SQL injection attacks | Web Security AcademyWebSecAcademychevron-right
Examining the database in SQL injection attacks - Web Security Academy
PreviousUNION AttacksNextBlind SQL Injection

Last updated