Update README.md

This commit is contained in:
Mark 2024-05-26 10:40:54 -04:00 committed by GitHub
parent 867f243100
commit c3af630e1d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -136,10 +136,8 @@ Detection of an SQL injection entry point
## DBMS Identification VIA Error ## DBMS Identification VIA Error
When testing for SQL injection error messages can also help in identifying the underlying DBMS: DBMS | Example Error Message | Example Payload |
|---------------------|------------------------------------------------------------------------------------------|-----------------|
| DBMS | Example Error Message | Example Payload |
|---------------------|------------------------------------------------------------------------------------------------------------
| MySQL | `You have an error in your SQL syntax; ... near '' at line 1` | `'` | | MySQL | `You have an error in your SQL syntax; ... near '' at line 1` | `'` |
| PostgreSQL | `ERROR: unterminated quoted string at or near "'"` | `'` | | PostgreSQL | `ERROR: unterminated quoted string at or near "'"` | `'` |
| PostgreSQL | `ERROR: syntax error at or near "1"` | `1'` | | PostgreSQL | `ERROR: syntax error at or near "1"` | `1'` |
@ -149,6 +147,7 @@ When testing for SQL injection error messages can also help in identifying the u
| Oracle | `ORA-00933: SQL command not properly ended` | `'` | | Oracle | `ORA-00933: SQL command not properly ended` | `'` |
| Oracle | `ORA-01756: quoted string not properly terminated` | `'` | | Oracle | `ORA-01756: quoted string not properly terminated` | `'` |
| Oracle | `ORA-00923: FROM keyword not found where expected` | `1'` | | Oracle | `ORA-00923: FROM keyword not found where expected` | `1'` |
------------------------------------------------------------------------------------------------------------------------------------
## SQL injection using SQLmap ## SQL injection using SQLmap