During this weekend I found an excellent article on Internet. It explains in details how one can perform blind SQL injection against MySQL. For interested parties you can find it here:

• http://www.reversing.org/node/view/13

While reading it I found a number of SQL operations that skillful hacker can use it order to exploit SQL injection vulnerability. He can use the following commands:

• current_user(), system_user(), session_user()
• version()
• database()
• into outfile
• load file