NetSPI · JacobReynolds · Nov 15, 2022 · Nov 15, 2022 · Nov 15, 2022
diff --git a/dbmsIdentification/sqlserver.html b/dbmsIdentification/sqlserver.html
@@ -18,6 +18,16 @@ <h3 id="sql-injection-detection">DBMS Identification</h3>
       <td>Default variable</td>
       <td>page.asp?id=sql'; SELECT @@SERVERNAME -- </td>
     </tr>
+    <tr>
+      <td>String concatenation</td>
+      <td>page.php?id='mssql'+'mssql' -- </td>
+    </tr>
+    <tr>
+      <td>Functions</td>
+      <td>@@rowcount -- <br>
+      SQUARE(1) -- <br>
+      @@pack_received -- </td>
+    </tr>
     <tr>
       <td>Error messages<br/><i>Note: Triggering DB errors through invalid syntax will sometimes return verbose error messages that include the DBMS name.</i></td>
       <td>page.asp?id='</td>