1
00:00:01,820 --> 00:00:07,200
OK so now we know our target database is called AWS 10.

2
00:00:07,460 --> 00:00:12,230
Let's try and discover the tables that exist in the database.

3
00:00:12,770 --> 00:00:14,990
So this is our select statement.

4
00:00:15,000 --> 00:00:16,600
It's the unions select one.

5
00:00:16,640 --> 00:00:18,060
And we have these things.

6
00:00:18,110 --> 00:00:23,390
So I'm going to leave this or change these to no because I don't I only want to select one thing now

7
00:00:23,680 --> 00:00:26,480
and I'm going to say this to normal as well.

8
00:00:26,810 --> 00:00:32,900
And any number two we're going to select table name

9
00:00:37,920 --> 00:00:44,240
from now we're going to select this from a database called Information schema.

10
00:00:44,250 --> 00:00:51,360
Now I said this in the first video of rescue all that information schema is a default database created

11
00:00:51,360 --> 00:00:56,460
by my url and it contains information about all other databases.

12
00:00:56,460 --> 00:01:00,360
So what we're doing now we're selecting the table name from information

13
00:01:03,300 --> 00:01:05,810
schema dot.

14
00:01:06,030 --> 00:01:08,070
And after the dot you put the table

15
00:01:11,160 --> 00:01:18,140
so basically we're selecting a table called tables from a database called Information schema.

16
00:01:18,420 --> 00:01:24,720
And the column that we're selecting is called table name so we're selecting table name from the database

17
00:01:24,720 --> 00:01:29,320
that's called Information schema from the table tables.

18
00:01:29,340 --> 00:01:35,970
Let's execute this and see if we can get all the tables that exist in our Spain database

19
00:01:44,500 --> 00:01:47,940
so we can see we got two hundred and thirty seven records.

20
00:01:48,250 --> 00:01:50,500
And you can see all the tables that we have.

21
00:01:50,500 --> 00:01:57,120
So these are all the tables that we have access to.

22
00:01:57,120 --> 00:01:59,650
So again I said we are logged in as root.

23
00:01:59,650 --> 00:02:04,990
Therefore we can actually see tables from other Web applications such as the tiki weeki.

24
00:02:05,320 --> 00:02:13,800
But in real life scenarios you'll only see tables related to your current database which is Madame de

25
00:02:16,020 --> 00:02:23,340
so I'm going to do is I'm going to use a where clause and I'm gonna say where the table

26
00:02:26,690 --> 00:02:36,900
schema is equal to I was 10 so I was 10 was what we got when we executed when we selected the database

27
00:02:37,170 --> 00:02:42,580
so we got our spend which is our current database that's Matilda days working on.

28
00:02:42,630 --> 00:02:48,870
So we were using the same statement we're selecting the table name from information schema tables where

29
00:02:49,020 --> 00:03:06,750
the tables schema is ours 10 so I'm going to copy that and execute it here.

30
00:03:06,930 --> 00:03:13,080
And as you can see now we have so many so much less tables and we only have the ones that we're interested

31
00:03:13,080 --> 00:03:21,300
in and so we have the accounts the blogs capture data credit card hit log and the painter's tools.

32
00:03:21,300 --> 00:03:28,110
Now if you remember in the first or the second video in the scale injection videos we I showed you what's

33
00:03:28,110 --> 00:03:33,720
the content of the US table was and it was these tables of the US database.