Re: odd query

From: Lennart Jonsson <erik.lennart.jonsson_at_gmail.com>
Date: Tue, 20 Jan 2015 20:48:31 +0100
Message-ID: <m9mbdi$fpp$1_at_dont-email.me>


On 01/20/2015 03:14 PM, Kiuhnm Mnhuik wrote:
> I don't understand how the following query works:
>
> SELECT yr, city
> FROM games
> WHERE yr = 2004 or 1
> group by concat_ws(0x3a,version(),floor(rand(0)*2)) having min(0)
>
> It displays
> Error: Duplicate entry '5.5.38-MariaDB:1' for key 'group_key'
> so you can read the info you seek: "5.5.38-MariaDB". It's called error-based SQL injection.
>
> You can experiment with it here:
>
> http://sqlzoo.net/wiki/SELECT_.._WHERE
>
> Why do we need "having min(0)"?
>

The query makes no sense, but if you want to know the version would it not be simpler to ask for it directly instead of hiding it in an obscure group by clause where it is printed in the error message?

SELECT distinct version()
FROM games

Received on Tue Jan 20 2015 - 20:48:31 CET
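
Added example, not part of the original message: a defender-side check that scans application or database error logs for the error text quoted above and redacts the value the server echoed. The key name `group_key` in that error belongs to the server's internal GROUP BY temporary table, so unless a schema happens to define an index with that name, the error is a strong sign of probing with this kind of query. The log lines and function names are constructed for illustration.

```python
import re

# Error text format taken from the message quoted above:
#   Duplicate entry '5.5.38-MariaDB:1' for key 'group_key'
# The optional angle brackets around the key name are an assumption, to
# tolerate variant renderings of the same error.
GROUP_KEY_ERROR = re.compile(
    r"Duplicate entry '(?P<leaked>.*)' for key '<?group_key>?'"
)


def find_group_key_errors(lines):
    """Return (line_number, leaked_value) for each matching log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = GROUP_KEY_ERROR.search(line)
        if match:
            hits.append((number, match.group("leaked")))
    return hits


def redact(line):
    """Replace the echoed value so a log or response no longer carries it."""
    return GROUP_KEY_ERROR.sub(
        "Duplicate entry '[REDACTED]' for key 'group_key'", line
    )


# Constructed sample log lines (not from a real system).
SAMPLE_LOG = [
    "2015-01-20 15:14:02 app: query ok, 3 rows",
    "2015-01-20 15:14:09 app: db error: Duplicate entry "
    "'5.5.38-MariaDB:1' for key 'group_key'",
    # An ordinary unique-index violation: must not be flagged.
    "2015-01-20 15:15:30 app: db error: Duplicate entry "
    "'alice@example.com' for key 'uniq_email'",
]

if __name__ == "__main__":
    for number, leaked in find_group_key_errors(SAMPLE_LOG):
        print(f"line {number}: server echoed {leaked!r} in a group_key error")
        print("  redacted:", redact(SAMPLE_LOG[number - 1]))
```

Returning a generic error to the client instead of the database's own message removes the channel this query relies on; the check above is for finding attempts after the fact.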
