mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 05:15:26 +00:00
Update README.md
This commit is contained in:
parent
867f243100
commit
c3af630e1d
@ -136,10 +136,8 @@ Detection of an SQL injection entry point
|
|||||||
|
|
||||||
## DBMS Identification VIA Error
|
## DBMS Identification VIA Error
|
||||||
|
|
||||||
When testing for SQL injection error messages can also help in identifying the underlying DBMS:
|
DBMS | Example Error Message | Example Payload |
|
||||||
|
|---------------------|------------------------------------------------------------------------------------------|-----------------|
|
||||||
| DBMS | Example Error Message | Example Payload |
|
|
||||||
|---------------------|------------------------------------------------------------------------------------------------------------
|
|
||||||
| MySQL | `You have an error in your SQL syntax; ... near '' at line 1` | `'` |
|
| MySQL | `You have an error in your SQL syntax; ... near '' at line 1` | `'` |
|
||||||
| PostgreSQL | `ERROR: unterminated quoted string at or near "'"` | `'` |
|
| PostgreSQL | `ERROR: unterminated quoted string at or near "'"` | `'` |
|
||||||
| PostgreSQL | `ERROR: syntax error at or near "1"` | `1'` |
|
| PostgreSQL | `ERROR: syntax error at or near "1"` | `1'` |
|
||||||
@ -149,6 +147,7 @@ When testing for SQL injection error messages can also help in identifying the u
|
|||||||
| Oracle | `ORA-00933: SQL command not properly ended` | `'` |
|
| Oracle | `ORA-00933: SQL command not properly ended` | `'` |
|
||||||
| Oracle | `ORA-01756: quoted string not properly terminated` | `'` |
|
| Oracle | `ORA-01756: quoted string not properly terminated` | `'` |
|
||||||
| Oracle | `ORA-00923: FROM keyword not found where expected` | `1'` |
|
| Oracle | `ORA-00923: FROM keyword not found where expected` | `1'` |
|
||||||
|
------------------------------------------------------------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
## SQL injection using SQLmap
|
## SQL injection using SQLmap
|
||||||
|
Loading…
Reference in New Issue
Block a user