You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I encountered a situation where some of the column values in my output csv file were defined in other columns. That is, I ran with columns -C id,login,pass,data, and in the output file for some of the lines the result was id,login,data,pass, and for some - id,login,pass,data.
The reason for this is that in UNION based injections using JSON_ARRAYAGG, the column values are connected via CONCAT_WS. But if one of the column values is NULL, CONCAT_WS simply skips it and does not add a separator string after it. Therefore, the column values are mixed up in the resulting csv file. When dumping a large number of columns, this can create complete chaos in the result.
To solve this problem, it makes sense to do processing for the columns via IFNULL. (IFNULL(<column>, 0x20))
The text was updated successfully, but these errors were encountered:
I encountered a situation where some of the column values in my output csv file were defined in other columns. That is, I ran with columns
-C id,login,pass,data, and in the output file for some of the lines the result wasid,login,data,pass, and for some -id,login,pass,data.The reason for this is that in UNION based injections using JSON_ARRAYAGG, the column values are connected via CONCAT_WS. But if one of the column values is NULL, CONCAT_WS simply skips it and does not add a separator string after it. Therefore, the column values are mixed up in the resulting csv file. When dumping a large number of columns, this can create complete chaos in the result.
To solve this problem, it makes sense to do processing for the columns via IFNULL. (
IFNULL(<column>, 0x20))The text was updated successfully, but these errors were encountered: