Before exploiting database with SQLi or any queries, it imperative to do recon about your target beforehand, like

• The type and version of the database software.
• The tables and columns that the database contains.

can be coupled with UNION like ' UNION SELECT @@version--

• Lab - **SQL injection attack, querying the database type and version on Oracle**
• Lab - Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft

Most db’s(except Oracle) in SQL have a set of views called information schema. gives info about the db.

eg: information_schema.tables → list tables in db

SELECT * FROM information_schema.columns WHERE table_name = '<table_name>' → will list columns in that table.

• Lab - **SQL injection attack, listing the database contents on non-Oracle databases**

For Oracle db’s, the commands become

• You can list tables by querying all_tables:

  SELECT * FROM all_tables

• You can list columns by querying all_tab_columns:

  SELECT * FROM all_tab_columns WHERE table_name = 'USERS'

• Lab - **SQL injection attack, listing the database contents on Oracle**