Uploaded by

Ahmed Saliu
COM 426 COMPUTER SECURITY COURSE NOTE

BASIC SECURITY TERMINOLOGIES

• Data Backup is the process of making a copy of your digitized data and other business information in case your data is damaged, deleted or lost. The backup copy is then used to recover or restore your data for business continuity and disaster recovery.

• Social Networking is the use of dedicated websites and applications to interact with other users, or to find people with similar interests to one's own. Alternatively, social networking refers to using internet-based social media sites to stay connected with friends, family, colleagues, or customers. Social networking can ...

• Anti-Virus: There are varieties of malicious programs, such as viruses, worms and trojan horses, that are spread over the internet to compromise the security of a computer, either to destroy data stored on the computer or to gain financial benefits by sniffing passwords. To prevent this malicious code from entering your system, a special program called an anti-virus is used, which is designed to protect the system against viruses. It not only prevents malicious code from entering the system but also detects and destroys malicious code that is already installed on the system. New viruses appear every day; the antivirus program regularly updates its database and so provides immunity to the system against these new viruses, worms, etc.

• Disaster recovery is an organization's method of regaining access and functionality to its IT infrastructure after events like a natural disaster, cyber attack, or even business disruptions related to the COVID-19 pandemic. A variety of disaster recovery (DR) methods can be part of a disaster recovery plan.

• Internet security is a term that describes security for activities and transactions made over the internet. It is a particular component of the larger ideas of cybersecurity and computer security, involving topics including browser security, online behavior and network security.

• Credit card fraud is an illegal act an individual commits to defraud the actual credit card holder. For example, the purpose might be to buy goods and services or make payments to a third-party account not authorized by the cardholder.

• Wireless network security primarily protects a wireless network from unauthorized and malicious access attempts. Typically, wireless network security is delivered through wireless devices (usually a wireless router/switch) that encrypt and secure all wireless communication by default.

• Home network security refers to the protection of a network that connects devices—such as routers, computers, smartphones, and Wi-Fi-enabled baby monitors and cameras—to each other and to the internet within a home.

• Bluetooth security supports authentication and encryption. These features are based on a secret link key that is shared by a pair of devices. A pairing procedure is used when two devices communicate for the first time to generate this key.

• Mobile Device Security refers to the measures designed to protect sensitive information stored on and transmitted by laptops, smartphones, tablets, wearables, and other portable devices. At the root of mobile device security is the goal of keeping unauthorized users from accessing the enterprise network.

• OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised.

WHAT IS A CYBER ATTACK

A cyber attack refers to an action designed to target a computer or any element of a computerized information system to change, destroy, or steal data, as well as exploit or harm a network. Cyber attacks have been on the rise, in sync with the digitization of business that has become more and more popular in recent years.
TYPES OF CYBER ATTACKS

1. Malware Attack

This is one of the most common types of cyberattacks. “Malware” refers to malicious software, including viruses, worms, spyware, ransomware, adware, and trojans.

The trojan disguises itself as legitimate software. Ransomware blocks access to the network's key components, whereas spyware is software that steals all your confidential data without your knowledge. Adware is software that displays advertising content such as banners on a user's screen.

Malware breaches a network through a vulnerability: when the user clicks a dangerous link, downloads an email attachment, or uses an infected pen drive.

2. Phishing Attack

Phishing attacks are one of the most widespread types of cyberattacks. It is a type of social engineering attack wherein an attacker impersonates a trusted contact and sends the victim fake mails.

Unaware of this, the victim opens the mail and clicks on the malicious link or opens the mail's attachment. By doing so, attackers gain access to confidential information and account credentials. They can also install malware through a phishing attack.

Phishing attacks can be prevented by following the below-mentioned steps:

• Scrutinize the emails you receive. Most phishing emails have significant errors like spelling mistakes and format changes from that of legitimate sources.
• Make use of an anti-phishing toolbar.

3. Password Attack

It is a form of attack wherein a hacker cracks your password with various programs and password cracking tools like Aircrack, Cain & Abel, John the Ripper, Hashcat, etc. There are different types of password attacks like brute force attacks, dictionary attacks, and keylogger attacks.

Listed below are a few ways to prevent password attacks:

• Use strong alphanumeric passwords with special characters.
• Abstain from using the same password for multiple websites or accounts.
• Update your passwords; this will limit your exposure to a password attack.

4. Man-in-the-Middle Attack

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In this attack, an attacker comes in between a two-party communication, i.e., the attacker hijacks the session between a client and host. By doing so, hackers steal and manipulate data.

As seen below, the client-server communication has been cut off, and instead, the communication line goes through the hacker.

MITM attacks can be prevented by following the below-mentioned steps:

• Be mindful of the security of the website you are using. Use encryption on your devices.
• Refrain from using public Wi-Fi networks.

5. SQL Injection Attack

A Structured Query Language (SQL) injection attack occurs on a database-driven website when the hacker manipulates a standard SQL query. It is carried out by injecting malicious code into a vulnerable website search box, thereby making the server reveal crucial information. This results in the attacker being able to view, edit, and delete tables in the database. Attackers can also gain administrative rights through this.

To prevent a SQL injection attack:

• Use an intrusion detection system, as it is designed to detect unauthorized access to a network.
• Validate user-supplied data. A validation process keeps the user input in check.

6. Denial-of-Service Attack

A Denial-of-Service Attack is a significant threat to companies. Here, attackers target systems, servers, or networks and flood them with traffic to exhaust their resources and bandwidth.

When this happens, catering to the incoming requests becomes overwhelming for the servers, resulting in the websites they host either shutting down or slowing down. This leaves legitimate service requests unattended.

It is known as a DDoS (Distributed Denial-of-Service) attack when attackers use multiple compromised systems to launch this attack.

Let’s now look at how to prevent a DDoS attack:

• Run a traffic analysis to identify malicious traffic.
• Understand the warning signs like network slowdown, intermittent website shutdowns, etc. At such times, the organization must take the necessary steps without delay.

7. Insider Threat

As the name suggests, an insider threat does not involve a third party but an insider. In such a case, it could be an individual from within the organization who knows everything about the organization. Insider threats have the potential to cause tremendous damage.

Insider threats are rampant in small businesses, as the staff there hold access to multiple accounts with data. Reasons for this form of attack are many: it can be greed, malice, or even carelessness. Insider threats are hard to predict and hence tricky to defend against.
To prevent the insider threat attack:

• Organizations should have a good culture of security awareness.

DoS and DDoS Attacks

A denial-of-service (DoS) attack is designed to overwhelm the resources of a system to the point where it is unable to reply to legitimate service requests. A distributed denial-of-service (DDoS) attack is similar in that it also seeks to drain the resources of a system. A DDoS attack is initiated by a vast array of malware-infected host machines controlled by the attacker. These are referred to as “denial of service” attacks because the victim site is unable to provide service to those who want to access it.

With a DoS attack, the target site gets flooded with illegitimate requests. Because the site
has to respond to each request, its resources get consumed by all the responses. This makes
it impossible for the site to serve users as it normally does and often results in a complete
shutdown of the site.

DoS and DDoS attacks are different from other types of cyber attacks that enable the hacker
to either obtain access to a system or increase the access they currently have. With these
types of attacks, the attacker directly benefits from their efforts. With DoS and DDoS
network attacks, on the other hand, the objective is simply to interrupt the effectiveness of
the target's service. If the attacker is hired by a business competitor, they may benefit
financially from their efforts.

Ransomware

With Ransomware, the victim’s system is held hostage until they agree to pay a ransom to
the attacker. After the payment has been sent, the attacker then provides instructions
regarding how the target can regain control of their computer. The name "ransomware” is
appropriate because the malware demands a ransom from the victim.

URL Interpretation

With URL interpretation, attackers alter and fabricate certain URL addresses and use them
to gain access to the target’s personal and professional data. This kind of attack is also
referred to as URL poisoning. The name “URL interpretation” comes from the fact that the
attacker knows the order in which a web-page’s URL information needs to be entered. The
attacker then “interprets” this syntax, using it to figure out how to get into areas they do not
have access to.

DNS Spoofing

With Domain Name System (DNS) spoofing, a hacker alters DNS records to send traffic to a
fake or “spoofed” website. Once on the fraudulent site, the victim may enter sensitive
information that can be used or sold by the hacker. The hacker may also construct a poor-
quality site with derogatory or inflammatory content to make a competitor company look
bad.

In a DNS spoofing attack, the attacker takes advantage of the fact that the user thinks the
site they are visiting is legitimate. This gives the attacker the ability to commit crimes in the
name of an innocent company, at least from the perspective of the visitor.

Session Hijacking

Session hijacking is one of multiple types of MITM attacks. The attacker takes over a session
between a client and the server. The computer being used in the attack substitutes its
Internet Protocol (IP) address for that of the client computer, and the server continues the
session without suspecting it is communicating with the attacker instead of the client. This
kind of attack is effective because the server uses the client's IP address to verify its identity.
If the attacker's IP address is inserted partway through the session, the server may not
suspect a breach because it is already engaged in a trusted connection.

Brute force attack

A brute-force attack gets its name from the “brutish” or simple methodology employed by
the attack. The attacker simply tries to guess the login credentials of someone with access to
the target system. Once they get it right, they are in.

Trojan Horses

A Trojan horse attack uses a malicious program that is hidden inside a seemingly legitimate
one. When the user executes the presumably innocent program, the malware inside the
Trojan can be used to open a backdoor into the system through which hackers can penetrate
the computer or network. This threat gets its name from the story of the Greek soldiers who
hid inside a horse to infiltrate the city of Troy and win the war. Once the “gift” was accepted
and brought within the gates of Troy, the Greek soldiers jumped out and attacked. In a
similar way, an unsuspecting user may welcome an innocent-looking application into their
system only to usher in a hidden threat.

WHAT IS LOG ANALYSIS

Log analysis is the process of reviewing computer-generated event logs to proactively identify bugs, security threats or other risks. Log analysis can also be used more broadly to ensure compliance with regulations or review user behavior.
HOW TO CONDUCT LOG ANALYSIS
Collect and normalize:
A collector gathers logs from the entire infrastructure to get the necessary data for your
use cases. The SIEM solution should convert, or normalize, log files into the same
format to enable efficient correlation and make querying much easier to learn. Having a
“common language” for all applications within the SIEM also makes it easier to apply
advanced machine learning, such as behavioral analytics.

Centralize:
All logs should be centralized into a single platform to streamline analysis, search and
investigations. Be careful not to leave out critical systems to avoid missing logs with
crucial information when investigating a breach.

Search and analyze:
SIEM solutions require useful analysis techniques, including correlation, pattern recognition, simple querying, enrichment and classification. Modern solutions also guide the analyst on what to look for. Additionally, user and entity behavior analytics (UEBA) removes much of the manual guesswork from log analysis because it uses machine learning to automatically detect which entities are suspicious and should be further investigated.

Monitor and alert:
Implementing real-time, automated monitoring of incidents and events within the network is at the heart of log analysis. Usually, alerts are rule-based, meaning they trigger based on conditions and thresholds set by the analyst team. Great SIEMs provide a wealth of correlation rules and other use cases out-of-the-box, guiding the analyst in what to look for. However, as data volumes grow, rule-based alerting can result in false positives, overwhelming the analysts, and creating alert fatigue. Machine learning solutions such as UEBA can help overcome alert fatigue and are worth considering for mature organizations to be more efficient with their security resources.

Reports and dashboard:
Streamlining reports and dashboards to visualize use cases is key for effective log
analysis. Again, many vendors provide this out-of-the-box, helping analysts identify
what to look for. Reports and dashboards should be easy to customize, based on the
specific requirements within the organ
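The collect/normalize, centralize and monitor/alert steps above, as an added example that is not part of the original course note: two constructed log formats (sshd syslog lines and web-server access lines, assumed sample data) are normalized into one event schema, merged into one time-ordered stream, and a rule-based alert fires when a single source address produces a threshold of failed logins inside a time window. The year for the syslog lines, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample log lines (not taken from any real system).
SSHD_LINES = [
    "Mar 10 09:00:01 host1 sshd[2201]: Failed password for root from 203.0.113.5 port 51122 ssh2",
    "Mar 10 09:00:03 host1 sshd[2203]: Failed password for admin from 203.0.113.5 port 51130 ssh2",
    "Mar 10 09:00:04 host1 sshd[2205]: Failed password for root from 203.0.113.5 port 51140 ssh2",
    "Mar 10 09:00:06 host1 sshd[2207]: Failed password for root from 203.0.113.5 port 51150 ssh2",
    "Mar 10 09:00:08 host1 sshd[2209]: Failed password for root from 203.0.113.5 port 51160 ssh2",
    "Mar 10 09:01:10 host1 sshd[2211]: Accepted password for bob from 198.51.100.7 port 40010 ssh2",
]
WEB_LINES = [
    '203.0.113.5 - - [10/Mar/2024:09:00:09 +0000] "POST /login HTTP/1.1" 401 512',
    '198.51.100.7 - - [10/Mar/2024:09:02:00 +0000] "GET /index.html HTTP/1.1" 200 1043',
]

ASSUMED_YEAR = 2024  # syslog lines carry no year; assumed for this example

SSHD_RE = re.compile(
    r"^(\w{3}\s+\d+\s[\d:]+)\s\S+\ssshd\[\d+\]:\s(Failed|Accepted)\spassword\sfor\s"
    r"(?:invalid user\s)?(\S+)\sfrom\s(\S+)")
WEB_RE = re.compile(
    r'^(\S+)\s\S+\s\S+\s\[([^\]]+)\]\s"(\S+)\s(\S+)[^"]*"\s(\d{3})\s\d+')


def normalize_sshd(line):
    """Map an sshd syslog line onto the common event schema (None if no match)."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "source": "sshd", "src_ip": m.group(4), "user": m.group(3),
            "outcome": "fail" if m.group(2) == "Failed" else "success"}


def normalize_web(line):
    """Map a combined-format access log line onto the same schema."""
    m = WEB_RE.match(line)
    if not m:
        return None
    # Access logs carry a zone offset; convert to naive UTC so all sources compare.
    ts = (datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
          .astimezone(timezone.utc).replace(tzinfo=None))
    method, path, status = m.group(3), m.group(4), int(m.group(5))
    if method == "POST" and path == "/login":
        outcome = "fail" if status in (401, 403) else "success"
    else:
        outcome = "other"
    return {"ts": ts, "source": "web", "src_ip": m.group(1), "user": None,
            "outcome": outcome}


def collect(sshd_lines, web_lines):
    """Centralize: one time-ordered stream of normalized events from every source."""
    events = [normalize_sshd(line) for line in sshd_lines]
    events += [normalize_web(line) for line in web_lines]
    return sorted((e for e in events if e is not None), key=lambda e: e["ts"])


def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Rule-based alert: at least `threshold` failed logins from one address
    within `window`, counted across all sources (ssh and web combined)."""
    failures = defaultdict(list)
    for e in events:
        if e["outcome"] == "fail":
            failures[e["src_ip"]].append(e["ts"])
    alerts = []
    for ip, times in failures.items():
        times.sort()
        start, peak = 0, 0
        for end in range(len(times)):  # sliding window over sorted timestamps
            while times[end] - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts.append({"rule": "auth_bruteforce", "src_ip": ip,
                           "failures_in_window": peak, "first_seen": times[0]})
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(collect(SSHD_LINES, WEB_LINES)):
        print(alert)
```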

WHAT IS INCIDENT RESPONSE?

Incident response (IR) is the set of steps used to prepare for, detect, contain, and recover from a data breach.
IMPORTANCE OF INCIDENT RESPONSE
A well-designed IR Plan can ensure efficient identification, containment and resolution of cyber security incidents. It will also help organisations to:
• Minimise downtime & financial losses.
• Quickly assess the impact of cyber threats & take corrective measures.
• Identify the root cause of an attack & prevent similar incidents in future.
• Restore normal operations & protect data from further loss or misuse.
• Improve cyber security posture and compliance.
• Improve user awareness of cyber threats and response measures.
• Demonstrate that the business is serious about its cyber security.

WHAT IS NETWORK TRAFFIC

Network traffic is the amount of data moving across a computer network at any given time. Network traffic, also called data traffic, is broken down into data packets and sent over a network before being reassembled by the receiving device or computer.

HOW TO MONITOR NETWORK TRAFFIC

1. Install a packet sniffer like Wireshark on your computer.
Packet sniffers are one of the most popular ways to monitor network traffic. They are relatively easy to use and can effectively detect unusual or suspicious activity on your network.

2. Use NetFlow or sFlow data from your routers and switches.
NetFlow and sFlow data can be beneficial for monitoring network traffic. They can give you detailed information on who is sending and receiving data, where it is coming from, and how much data is being sent.

3. Use the built-in tools in your operating system to monitor network traffic.
Most operating systems come with a variety of tools that can be used to monitor network traffic. These tools may not provide as much detail as other methods on this list, but they are still effective in their own right.

4. Use third-party software to monitor network traffic.
Third-party software can provide some amazing benefits when it comes to monitoring network traffic. These solutions can give you a wealth of information about who is using your network, what they are doing, and where they are going. Third-party software can also help you identify bottlenecks in your network so that you can fix them before they cause major problems. This can save you a lot of time and money in the long run.

5. Use a hardware device like a network tap or packet broker.
A network tap or packet broker can be used to monitor network traffic. These devices are placed inline with the network and can provide detailed information on the data being sent and received.

6. Use a cloud-based service to monitor your network traffic.
A cloud-based network traffic monitoring service can provide your business with a number of benefits. Perhaps most importantly, it can give you visibility into your network traffic that simply wouldn’t be possible without the use of cloud-based resources. This enhanced visibility can help you to identify potential security threats and prevent them before they cause any damage.

7. Use a web proxy to monitor web traffic.
A web proxy can monitor traffic to and from a website. This can be useful for monitoring employee internet usage or blocking specific websites.

8. Use an intrusion detection or prevention system (IDS/IPS).
An IDS or IPS can be used to detect and prevent attacks on your network. These systems can be very effective at analyzing the quantity and types of cyber attacks.

9. Review logs from your firewall.
Your firewall logs can contain a wealth of information about the traffic passing through your network. They allow you to filter out the ordinary traffic and focus on the unusual behavior, thus helping you to detect any attacks or abnormalities.

10. Review logs from your web server.
Your web server logs can provide valuable information about your website’s traffic, such as details regarding every request that has been served by an application.
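Method 2 above (NetFlow/sFlow: who sends, to where, how much) together with the earlier DDoS advice to run a traffic analysis that identifies malicious traffic, as an added example that is not part of the original course note: constructed NetFlow-style flow records (assumed sample data) are aggregated into per-source byte totals, and a simple rule flags a destination port that receives many single-packet flows from many distinct sources within one minute, the shape of the flood described under Denial-of-Service. The thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed NetFlow-style records: (start, src_ip, dst_ip, dst_port, packets, bytes).
# Sample data for this example only, not captured traffic.
LEGIT_FLOWS = [
    ("2024-03-10T09:00:00", "198.51.100.7", "192.0.2.10", 443, 40, 52000),
    ("2024-03-10T09:00:05", "198.51.100.8", "192.0.2.10", 443, 35, 48000),
    ("2024-03-10T09:00:12", "198.51.100.7", "192.0.2.20", 22, 12, 9000),
    ("2024-03-10T09:00:40", "198.51.100.9", "192.0.2.10", 80, 15, 12000),
]
# Thirty distinct sources each sending a single 60-byte packet to one web port
# inside the same minute: the shape of a flood rather than of real clients.
FLOOD_FLOWS = [
    (f"2024-03-10T09:00:{30 + i:02d}", f"203.0.113.{i + 1}", "192.0.2.10", 80, 1, 60)
    for i in range(30)
]
FLOWS = LEGIT_FLOWS + FLOOD_FLOWS


def parse_flows(records):
    """Turn raw tuples into dicts with a datetime start field."""
    return [{"start": datetime.fromisoformat(r[0]), "src_ip": r[1], "dst_ip": r[2],
             "dst_port": r[3], "packets": r[4], "bytes": r[5]} for r in records]


def top_talkers(flows, n=3):
    """Who is sending, and how much: total bytes per source address, descending."""
    totals = defaultdict(int)
    for f in flows:
        totals[f["src_ip"]] += f["bytes"]
    return sorted(totals.items(), key=lambda kv: (-kv[1], kv[0]))[:n]


def detect_flood(flows, min_sources=20, max_avg_packets=2.0):
    """Flag a (dst_ip, dst_port) that, within one minute, receives flows from at
    least `min_sources` distinct addresses averaging `max_avg_packets` or fewer
    packets each. Both thresholds are assumptions for this example."""
    buckets = defaultdict(lambda: {"sources": set(), "packets": 0, "flows": 0})
    for f in flows:
        minute = f["start"].replace(second=0, microsecond=0)
        b = buckets[(f["dst_ip"], f["dst_port"], minute)]
        b["sources"].add(f["src_ip"])
        b["packets"] += f["packets"]
        b["flows"] += 1
    alerts = []
    for (dst_ip, dst_port, minute), b in sorted(buckets.items()):
        avg = b["packets"] / b["flows"]
        if len(b["sources"]) >= min_sources and avg <= max_avg_packets:
            alerts.append({"dst_ip": dst_ip, "dst_port": dst_port, "minute": minute,
                           "distinct_sources": len(b["sources"]),
                           "avg_packets_per_flow": round(avg, 2)})
    return alerts


if __name__ == "__main__":
    flows = parse_flows(FLOWS)
    print("top talkers:", top_talkers(flows))
    print("flood alerts:", detect_flood(flows))
```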

Network Traffic Analysis Implementation

Step 1: Determine the Data Sources in Your Organization. ...
Step 2: Pick the Optimal Method for Accessing Data Sources. ...
Step 3: Begin with a Variety of Data Samples. ...
Step 4: Set Up a Continuous Monitoring System, and Decide Where to Send the Data That is Gathered.

DEFINE INTRUSION DETECTION SYSTEM (IDS)

An Intrusion Detection System (IDS) is a monitoring system that detects suspicious activities and generates alerts when they are detected. Based upon these alerts, a security operations center (SOC) analyst or incident responder can investigate the issue and take the appropriate actions to remediate the threat.

HOW TO USE SOME INTRUSION DETECTION TOOLS

• SNORT
To use Snort as a packet sniffer, users set the host's network interface to promiscuous mode to monitor all network traffic on the local network interface. Snort then writes the monitored traffic to its console. By writing the desired network traffic to a disk file instead, Snort logs packets.

Wireshark packet sniffing

1. Open the Wireshark application.
2. Select the current interface. In this example, the interface we would be using is Ethernet.
3. The network traffic will be shown below, and it will be continuous. To stop or inspect any particular packet, you can press the red button below the menu bar.

WHAT IS VULNERABILITY ASSESSMENT?

A vulnerability assessment is the testing process used to identify and assign severity levels to as many security defects as possible in a given timeframe. This process may involve automated and manual techniques with varying degrees of rigor and an emphasis on comprehensive coverage.
IMPORTANCE OF VULNERABILITY ASSESSMENT

• Identify known security exposures before attackers find them.
• Create an inventory of all the devices on the network, including purpose and system information. This also includes vulnerabilities associated with a specific device.
• Create an inventory of all devices in the enterprise to help with the planning of upgrades and future assessments.
• Define the level of risk that exists on the network.
• Establish a business risk/benefit curve and optimize security investments.

Vulnerability Assessment Types

Several types of vulnerability assessments can be conducted, including:

1. Network-Based Vulnerability Assessment

A network-based vulnerability assessment identifies vulnerabilities in network devices such as routers, switches, firewalls, and other network infrastructure components. The primary goal of a network-based vulnerability assessment is to identify weaknesses in the network that attackers could exploit to gain unauthorized access, steal data, or launch attacks.

Network-based vulnerability assessments typically involve specialized software tools and techniques that scan the network for vulnerabilities. These tools may use various methods to identify vulnerabilities, such as port scanning, vulnerability scanning, password cracking, and network mapping.

2. Application-Based Vulnerability Assessment

An application vulnerability assessment identifies vulnerabilities in software applications, including web applications, mobile applications, and desktop applications.

These assessments typically involve testing the application for common vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). Application vulnerability assessments can be performed using both automated and manual methods.

3. API-Based Vulnerability Assessment

API vulnerability assessment is conducted to identify and mitigate potential security risks in APIs. This process identifies vulnerabilities and weaknesses in the API’s design, implementation, and deployment. The goal is to ensure that the API is secure, reliable, and resilient to attacks.

4. Host-Based Vulnerability Assessment

A host-based vulnerability assessment identifies vulnerabilities in individual host systems, including servers, workstations, and laptops.

These assessments typically involve scanning the host system for known vulnerabilities, such as missing security patches or outdated software. Host-based vulnerability assessments can be performed using both automated and manual methods.

5. Wireless Network Vulnerability Assessment

A wireless network vulnerability assessment focuses on identifying vulnerabilities in wireless networks, including Wi-Fi networks. These assessments typically involve testing the wireless network for common vulnerabilities, such as weak encryption, default passwords, and rogue access points.

Wireless network vulnerability assessments can be performed using specialized software tools and techniques.

6. Physical Vulnerability Assessment

A physical vulnerability assessment identifies vulnerabilities in physical security measures, such as locks, surveillance cameras, and access control systems. These assessments typically involve physical inspections of the facility and its security measures and testing the effectiveness of those measures.

7. Social Engineering Vulnerability Assessment

A social engineering vulnerability assessment identifies vulnerabilities in human behavior, such as phishing attacks and other social engineering techniques.

This vulnerability assessment type typically involves simulated attacks against employees to test their awareness of security threats and their ability to identify and respond to them.

8. Cloud-Based Vulnerability Assessment

A cloud-based vulnerability assessment identifies vulnerabilities in cloud infrastructure and services, such as Amazon Web Services (AWS) and Microsoft Azure.

These assessments scan the cloud infrastructure for known vulnerabilities and test the security of cloud applications and services.

Steps to conduct a vulnerability assessment

With the right tools in hand, you can perform a vulnerability assessment by working through the following steps:

1. Asset discovery
First, you need to decide what you want to scan, which isn’t always as simple as it sounds. One of the most common cyber security challenges facing organizations is a lack of visibility into their digital infrastructure and its connected devices. Some reasons for this include:

• Mobile Devices: Smartphones, laptops, and similar devices are designed to disconnect and reconnect frequently from the office, as well as employees’ homes and often other remote locations.
• IoT Devices: IoT devices are part of the corporate infrastructure but may be connected primarily to mobile networks.
• Cloud-Based Infrastructure: Cloud service providers make it easy to spin up new servers as needed without IT involvement.

2. Prioritization
Once you know what you’ve got, the next question is whether you can afford to run a vulnerability assessment on all of it. In a perfect world, you would be running a vulnerability assessment regularly on all of your systems. However, vendors often charge per asset, so prioritization can help where budgets can’t cover every asset the company owns.
Some examples of where you may wish to prioritize are:

• Internet-facing servers
• Customer-facing applications
• Databases containing sensitive information

3. Vulnerability scanning
Vulnerability scanners are designed to identify known security weaknesses and provide guidance on how to fix them. Because these vulnerabilities are commonly publicly reported, there is a lot of information available about vulnerable software. Vulnerability scanners use this information to identify vulnerable devices and software in an organization’s infrastructure. The scanner initially sends probes to systems to identify:

• Open ports & running services
• Software versions
• Configuration settings

4. Result analysis & remediation
After the vulnerability scan is complete, the scanner provides an assessment report. When reading and developing remediation plans based on this report, you should consider the following:

• Severity: A vulnerability scanner should label a potential vulnerability based upon its severity. When planning for remediation, focus on the most severe vulnerabilities first, but avoid ignoring the rest forever. It’s not uncommon for hackers to chain several mild vulnerabilities to create an exploit. A good vulnerability scanner will suggest timelines for when to fix each issue.
• Vulnerability Exposure: Remembering the prioritization above - not all vulnerabilities are on public-facing systems. Internet-facing systems are more likely to be exploited by any random attacker scanning the internet, making them a higher priority for remediation. After that, you’ll want to prioritize any employee laptops with vulnerable software installed. Additionally, any systems that host particularly sensitive data, or could adversely affect your business, may need to be prioritized ahead of others.

5. Continuous cyber security
A vulnerability scan provides a point-in-time snapshot of the vulnerabilities present in an organization’s digital infrastructure. However, new deployments, configuration changes, newly discovered vulnerabilities, and other factors can quickly make the organization vulnerable again. For this reason, you must make vulnerability management a continuous process rather than a one-time exercise. Read more about vulnerability scanning frequency best practices.
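The prioritization and result analysis & remediation steps above, as an added example that is not part of the original course note: constructed scanner findings (assumed sample data) are ranked by severity weighted with the exposure order the note gives (internet-facing first, then employee laptops, then systems holding sensitive data) and each is given a fix-by deadline per severity band, so that the most severe issues go first while low-severity ones are scheduled rather than forgotten. The weights and deadlines are assumptions for the example, not a standard.

```python
# Constructed scanner output; asset names, scores and exposure are sample data.
FINDINGS = [
    {"asset": "web-srv-1", "issue": "outdated TLS library", "cvss": 7.5,
     "exposure": "internet", "sensitive_data": False},
    {"asset": "db-1", "issue": "missing security patch", "cvss": 9.8,
     "exposure": "internal", "sensitive_data": True},
    {"asset": "laptop-17", "issue": "vulnerable browser version", "cvss": 8.1,
     "exposure": "laptop", "sensitive_data": False},
    {"asset": "intranet-wiki", "issue": "default configuration", "cvss": 3.1,
     "exposure": "internal", "sensitive_data": False},
]

# Assumed weights following the note's order: internet-facing, then laptops, then the rest.
EXPOSURE_WEIGHT = {"internet": 1.5, "laptop": 1.2, "internal": 1.0}
SENSITIVE_BONUS = 1.0  # assumed extra weight for systems holding sensitive data

# Assumed fix-by deadlines per severity band (days); a real scanner suggests its own.
DEADLINES = [(9.0, "critical", 7), (7.0, "high", 30), (4.0, "medium", 90), (0.0, "low", 180)]


def severity_band(cvss):
    """Return (band name, days to fix) for a CVSS-style 0-10 score."""
    for floor, band, days in DEADLINES:
        if cvss >= floor:
            return band, days
    return "low", 180


def priority_score(finding):
    """Severity weighted by exposure, plus a bonus for sensitive data."""
    weight = EXPOSURE_WEIGHT.get(finding["exposure"], 1.0)
    bonus = SENSITIVE_BONUS if finding["sensitive_data"] else 0.0
    return round(finding["cvss"] * weight + bonus, 2)


def remediation_plan(findings):
    """Order findings for remediation; nothing is dropped, low severity just waits."""
    plan = []
    for f in findings:
        band, days = severity_band(f["cvss"])
        plan.append({"asset": f["asset"], "issue": f["issue"], "severity": band,
                     "score": priority_score(f), "fix_within_days": days})
    return sorted(plan, key=lambda p: (-p["score"], p["fix_within_days"], p["asset"]))


if __name__ == "__main__":
    for item in remediation_plan(FINDINGS):
        print(item)
```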

HOW A DDoS ATTACK IS CARRIED OUT

Stage 1: Creating the Botnet
To create a botnet, a hacker needs a way to take control of a great many devices — these could be PCs, mobile phones, or IoT devices such as webcams or smart fridges.

Stage 2: Controlling the Botnet
As the hacker takes control of each device, they do something so that it will obey any instructions the hacker sends to it (for instance, installing a small program on it).

Stage 3: Executing the Attack
Once the hacker has a huge number of devices at their disposal, they can execute the DDoS attack. There are several different kinds of DDoS attacks.

HOW TO RECOVER FROM A DDoS ATTACK

• Analyze the Attack
• Assess Damages
• Identify Weak Spots
The next step after identifying damages is to identify any weak spots in your defense – that is, why was attack traffic able to get through?

• Did any attack traffic get through? If so, how much?
• Were there any specific attack vectors that were more successful than others? In particular, were there some patterns that were stopped, while others were able to get through?
• Were there any targeted resources that were impacted more than others? For example, were there some resources (networks, servers, applications, etc.) that were able to fend off the attack, while others were impacted?
• Did legitimate users experience any false positives? What was the ratio of legitimate traffic to malicious traffic that was stopped (or allowed to go through)?

By identifying weak spots, you should try to understand not only what resources were impacted, but also why they were impacted. Was there a particular type of attack that was able to get through, or – conversely – were there specific services that were impacted while others were not?

Another key element to look at is false positives. If your protections are deployed too broadly, this can lead to false positives which prevent legitimate users from accessing services. Even though not a result of the attack itself, for end customers the experience is the same…

Identifying weak spots in your armor helps you to address them in the next steps.
• Verify Security Vendor SLA
• Consider Upgrading Your DDoS Defenses

DEFINE SQL INJECTION ATTACK

SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
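The definition above together with the "validate user-supplied data" advice under SQL Injection Attack, as an added example that is not part of the original course note: a constructed in-memory SQLite users table (assumed sample data) is queried once by string concatenation, where a quote character in the input is parsed as part of the SQL statement, and once with a bound parameter, where the same input is treated purely as data; an allow-list validator is shown as the second layer the note asks for. The table and function names are assumptions.

```python
import sqlite3


def make_db():
    """Constructed in-memory users table; sample rows, not a real system."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    conn.commit()
    return conn


def search_vulnerable(conn, name):
    """The 'search box' pattern the note warns about: the input is spliced into the
    SQL text, so a quote in it changes the statement instead of being looked up."""
    sql = "SELECT id, name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def search_safe(conn, name):
    """Hardened form: a bound parameter is sent as data and never parsed as SQL."""
    sql = "SELECT id, name, role FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def is_valid_username(name):
    """Allow-list validation of user-supplied data (defense in depth, not a
    replacement for parameterization): letters, digits, underscore, 1-32 chars."""
    return 1 <= len(name) <= 32 and all(c.isalnum() or c == "_" for c in name)


def raises_sql_error(query_fn, conn, name):
    """True if the query fails with a database error for this input. A database
    error on a lone quote is exactly the symptom the note's first step looks for,
    so a server that leaks such errors should be treated as a finding."""
    try:
        query_fn(conn, name)
        return False
    except sqlite3.Error:
        return True


if __name__ == "__main__":
    db = make_db()
    print("safe lookup:", search_safe(db, "alice"))
    print("quote breaks concatenated query:", raises_sql_error(search_vulnerable, db, "'"))
    print("quote is just data to bound query:", raises_sql_error(search_safe, db, "'"))
```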

HOW AN SQL INJECTION ATTACK IS CARRIED OUT

• First step: search for an error in the database by adding ' in the URL.
• Next step: search for the amount of data sequentially using the query order by.
• Display the database name using the query database().
• Display the database user using the query user().
• Obtain the database version using the query version().
• Now you can search for table names using the query union select 1,2,3,4,5,6,7,8,9,10,group_concat(table_name) from information_schema.tables where table_schema=database() —
• Obtain the column names in the database using the query union select 1,2,3,4,5,6,7,8,9,10,group_concat(column_name) from information schema.columns where table_name=0x7573657273
• Now you can dump the database in table user.
