FILE_
The basic of Blind SQL Injection-pride from 해커스쿨
Blind SQL injection mysql-5 from ???
BLOG_
blind sql injection(1) – 기초
blind sql injection(2) – 기초
FUNCTION_
str = string, char = character, num# = number
same paragraph is similar funtion
substr(str, num1, num2) > return char
mid(str, num1, num2) > return char
length(str) > return number (length of str)
ascii(char) > return number(dec)
hex(char) > return number(hex)
concat(char or str, ..) >return string
char(number) > return (base of ascii)
locate(ori_str,sub_str,[opt]) > return point number
instr(ori_str,sub_str) > return point number
etc…
Conditionals_
if (condition)
(output)
else
(output)
case (condition)
when (result)
then (output)
else
(output)
etc…