I am doing a tutorial a lab on SQL Injection.
I am stuck at retrieving the username of the current user and the priv it has.
I tried Select user FROM dual, select current_user. In SQLPlus, to get current user I will type
SQL> show user.
Question being asked:
1. Use a SQL Injection string in the Search field to get the name of the database user that the application is connecting to the database with.
2. Use a SQL Injection string in the Search field to get the system privileges granted to the user that the application is connecting to the database with.
Please help. Thanks