SQL Injection

Detecting SQL Injection

  • Submitting the single quote character ' and looking for errors or other anomalies.
  • Submitting some SQL-specific syntax that evaluates to the base (original) value of the entry point, and to a different value, and looking for systematic differences in the resulting application responses.
  • Submitting Boolean conditions such as OR 1=1 and OR 1=2, and looking for differences in the application's responses.
  • Submitting payloads designed to trigger time delays when executed within a SQL query, and looking for differences in the time taken to respond.
  • Submitting OAST payloads designed to trigger an out-of-band network interaction when executed within a SQL query, and monitoring for any resulting interactions.

{% embed url="https://portswigger.net/web-security/sql-injection" %}
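Why the single-quote and Boolean checks above work, and what the fix looks like to the same checks. This is an added example, not part of the original notes; the `products` table, its rows and all function names are constructed for illustration, using Python's built-in `sqlite3` and a numeric entry point.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory so the example runs offline.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER, released INTEGER)")
    db.executemany("INSERT INTO products VALUES (?, ?)", [(1, 1), (2, 0), (3, 1)])
    return db

def lookup_concat(db, product_id):
    # Vulnerable form: the input becomes part of the SQL text and is parsed as SQL.
    sql = "SELECT id FROM products WHERE released = 1 AND id = " + product_id
    return sorted(r[0] for r in db.execute(sql))

def lookup_param(db, product_id):
    # Hardened form: the input is bound as a value and never parsed as SQL.
    sql = "SELECT id FROM products WHERE released = 1 AND id = ?"
    return sorted(r[0] for r in db.execute(sql, (product_id,)))

def observe(lookup, db, value):
    # Reduce a response to what is visible from outside: rows or a database error.
    try:
        return ("rows", lookup(db, value))
    except sqlite3.Error:
        return ("error", None)

def reacts_to_probes(lookup):
    """True if the lookup shows the anomalies from the first and third checks."""
    db = make_db()
    quote = observe(lookup, db, "1'")          # unbalanced quote -> syntax error
    always = observe(lookup, db, "1 OR 1=1")   # condition always true
    never = observe(lookup, db, "1 OR 1=2")    # condition never true
    return quote[0] == "error" or always != never

if __name__ == "__main__":
    for fn in (lookup_concat, lookup_param):
        print(fn.__name__, "reacts to probes:", reacts_to_probes(fn))
```

The same `reacts_to_probes` check can serve as a regression test for any query helper that takes a string from a request.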

References When Hunting SQLi

PortSwigger SQL Injection Cheat Sheet

{% embed url="https://portswigger.net/web-security/sql-injection/cheat-sheet" %}

NetSPI SQL Injection Wiki

{% embed url="https://sqlwiki.netspi.com" %}

{% embed url="https://www.websec.ca/kb/sql_injection" %}