The problem with beginners is, they extract data only from the current database in which the vulnerable query is getting executed. They don’t even try to access other databases and their content. So, lot of intermediate and advanced SQL injectors might be aware of the fact that if the query is executed with proper privileges, attacker can access other databases on that SQL server. So, let’s actually take a look at how it’s actually done.